pentestcostcalculator.com
Pen test scope

Cloud configuration / pen test

AWS, Azure, GCP configuration review, IAM analysis, public-asset enumeration. Often a hybrid of configuration audit and active testing.

Small
3-5d
£3,000-£7,500 UK
Medium
5-10d
£5,000-£15,000 UK
Large
10-20d
£10,000-£30,000 UK

Standards typically applied

CIS Benchmarks (AWS/Azure/GCP)OWASP Cloud Top 10AWS Well-Architected Security pillar

Considerations that move the day count

  • Multi-cloud engagements scale roughly linearly with each additional cloud provider
  • Container / Kubernetes adds 30-50% above plain VM-based cloud scope
  • Cloud-native services (Lambda, Azure Functions, GKE Autopilot) need specialist tester — generally higher rate
Source

CIS Benchmarks + OWASP + Precursor Security 2026 scope ranges

Verified 2026-06-02
Other scopes
Web application pen test5-10dExternal infrastructure pen test4-8dInternal infrastructure pen test5-10dMobile application pen test5-10dAPI pen test4-8dRed team engagement20-40d