Choosing Vaadata

Vaadata, a team dedicated to pentests

Choosing Vaadata is choosing to work with a small, hyper-specialized team.

Why a small team?

Because the decision circuits are shorter. Because collaboration is closer. Because it increases our motivation and allows us to do a good job!

Why hyper-specialization?

Because offensive security requires skills and a state of mind that are different from defensive security. Because we cannot know everything. Because mastering the pentester’s job requires a lot of time.

Internal team or outsourcing?

Working with Vaadata also means entrusting a security audit to a company that does not subcontract and does not use independent workers. This is the essential condition for ensuring the standard of quality we have set for ourselves.

How many pentesters for each security audit?

A pentest involves work by between one and three pentesters, according to the duration and the complexity of the planned pentests. For recurrent pentests, it is possible to change the team from one test session to another, in order to benefit from different viewpoints, while keeping one same project manager who can advise you on the change of scope of the tests, thanks to the knowledge of your business context.

Contact us

A CREST accredited and ISO 27001 / 27701 certified company

Vaadata is a CREST accredited and ISO 27001 / 27701 certified company.

CREST is an accreditation issued by an independent non-profit organization whose mission is to structure the quality approach of companies offering technical cybersecurity services.

We obtained this certification following a rigorous assessment of our processes and methodology, in order to meet the demands of our international clients.

We also achieved ISO 27001 and ISO 27701 certification for our entire scope, demonstrating our commitment to maintaining a secure environment, whether in terms of our business processes and tools, our internal infrastructure, our human resources organization or, more generally, our entire information system, with regard to both our customers and our company.

vaadata crest banner
vaadata iso 27001 banner
vaadata iso 27701 banner

Democratizing security and pentests

Our mission is to make security widely available for companies, including start-ups and SMEs.

A pragmatic approach

Our observation is simple: It is better to do little than to do nothing at all. This reasoning applies to both security and other fields.
It is not always easy to embark on a security audit, for reasons of budget, priority, or the time required to spend on it.
In addition, not all companies face the same level of risk: a young start-up and a large bank do not need to apply the same range of security resources and measures.
This is why Vaadata offers security auditing solutions adapted to each type of company.

Adapted pricing

We offer different security audit packs to adapt to all budgets. The price of a pentest varies between €750 and €25,000.

For some pentests, it is also possible to choose “success fees” pricing: price according to the flaws identified by our team of pentesters.


Progressive assistance

We position ourselves as a partner capable of assisting you in the long term, as your business develops and your security challenges change.

After a first pentest, we are able to make specific recommendations on the next security steps to consider, with proposals tailored to your budget.

We can set up recurring pentest sessions, with a single contact person in charge of analyzing the changes in your needs and the priorities from one session to the next.

This corresponds to a subscription system, which can be adjusted at any time to take your needs into account.

Transfer of skills

A security audit makes it possible to transfer security skills to the teams of the client company.

There are various scenarios: a Web platform audit will increase the skills of developers and system administrators, while a social engineering audit will increase the skills of all people working in the company.

Depending on the results of the security audit, it is possible to complement the pentest with training to maximize the transfer of skills.

It is also possible to strengthen the transfer of skills through consultancy work with the team concerned.

Consulting offers

Specific support for start-ups

Vaadata works with numerous start-ups based in Europe and the USA.

They include early stage start-ups and big start-ups, whose issues are not the same.

Vaadata proposes young start-ups an introductory offer with a competitive price: €750 for a first security audit.


Vaadata then proposes different packages to gradually increase the scope covered by the pentest or the depth level of the pentest.

The typical path of a start-up follows a number of stages, from the development of a first version to the position of leader in its market: first pentest (start-up offer), light audit, standard audit, recurring audits, social engineering audit, etc.

This can of course be adjusted according to the start-up’s business sector, its level of maturity in security, and external requirements of its customers and investors.

An adaptable, independent company

Vaadata is an adaptable company, favouring close collaboration with its customers, and is independent, with 100% of its capital owned by its operational directors.

Adaptability and friendliness

Our size and our way of organization allow us to give priority to dynamism and adaptability in our relationships with our clients.

We are able to adapt to most of your requests: fast start date, specific reporting requirements, last minute requests, etc.

In the sometimes anxious world of cybersecurity, we attach particular importance to friendliness in exchanges and empathy towards our clients.


We are free to establish our course, goals and values. Our main objective is to work in a profession that is our passion, and to continuously develop our skills to offer an exceptional level of quality to our clients.

We give preference to organic growth and a robust company, rather than an objective of short-term profitability. This allows us to build long-term relationships with our clients, and to assist them at their own pace.


We are neutral with respect to all market solutions. We are not resellers of any security solution or any pentest tool. We focus on expertise and on the result of the audit, rather than using one tool at the expense of another.

We are not judge and judged regarding the security audits we perform. We do not develop solutions for our clients: we only provide our view of the security aspect.

We are neutral with regard to industrial and tertiary companies. We have no vested interest in or conflict of interest with the companies whose security level we assess.

Contact us