Small businesses and local agencies get breached through the same handful of doors: exposed services, weak authentication, unpatched applications. AmPen exists to find those doors before someone else does.
We test like an attacker, report like a partner, and retest for free once you’ve fixed what we found.
AmPen Pricing
External Network Test
- External network and perimeter testing
- Public-facing service and configuration review
- Plain-English findings report with severity ratings
- Remediation guidance for your team or IT provider
Web Application Test
- Full web application penetration test
- Authentication, session, and access-control testing
- OWASP Top 10 coverage and beyond
- Developer-ready findings with reproduction steps
Annual Security Program
- Annual penetration test (network or web app)
- Quarterly vulnerability scans with summary reports
- Compliance-ready documentation for insurers and auditors
- Priority scheduling for emerging-threat checks
- Direct line to a US-based security engineer
Scope drives price — a fixed quote is provided after a short scoping call, before any testing begins. All testing is performed under a signed authorization agreement.
What's Included
Clear Scoping
A short call defines exactly what gets tested and when. You get a fixed quote and a signed authorization agreement before we touch anything.
Reports Humans Can Read
Findings ranked by real-world risk, written so both your leadership and your IT provider know what to do next.
Free Retest
Fix the findings and we verify the fix — the retest is part of the engagement, not an upsell.
Insurance & Compliance Ready
Documentation formatted for cyber-insurance applications, auditors, and government contract requirements.
Remediation Help
Stuck on a fix? Our team can help directly or work with your existing IT provider.
US-Based Testers
Testing and reporting performed by our US-based team — your data never leaves the country.
Real humans. US‑based. Every plan.
Every Linnflux service comes with the same promise: when you reach out, a real person from one of our three US offices answers — no offshore ticket queues, no chatbots pretending to help.
- Three US offices Pennsylvania, Alabama, and New York
- Talk to a person (717) 707-5225 reaches our team, not a call center
- Partners since 2014 Small businesses and government agencies trust us year after year
Frequently Asked Questions
Is penetration testing legal?
Yes — when authorized. Every AmPen engagement runs under a signed authorization agreement defining exactly what we may test and when. We never test systems without written permission from their owner.
My cyber-insurance application asks about penetration testing. Is this what they mean?
Yes. Insurers increasingly require or discount for regular penetration testing and vulnerability scanning. Our reports are formatted so you can attach them directly to applications and renewals.
How is a penetration test different from a vulnerability scan?
A scan is automated and finds known issues; a penetration test adds a human attacker's judgment — chaining weaknesses together, testing business logic, and proving what's actually exploitable. Our Annual Security Program includes both.
Will testing take my systems down?
Testing is scheduled around your business hours and scoped to avoid disruption. Anything potentially disruptive is flagged and approved with you in advance.
What do we get at the end?
A findings report with severity ratings and reproduction steps, an executive summary for leadership, remediation guidance, and a free retest that documents what was fixed.
Ready to get started with AmPen?
Talk to a real person about your project — no obligation, no pressure.