Technology & Digital
Penetration Testing Agreement
Security assessment and penetration testing agreement with authorized scope, safe harbor clause, and confidentiality terms. Two signers (tester and client).
Document Preview
# Penetration Testing and Security Assessment Agreement **Effective Date:** ___________ This Penetration Testing and Security Assessment Agreement ("Agreement") is entered into by and between: **Security Tester:** ___________ ("Tester") **Client:** ___________ ("Client") ## 1. Purpose The Client engages the Tester to conduct authorized security testing of the Client's systems, networks, and/or applications to identify vulnerabilities, assess security posture, and provide actionable remediation recommendations. ## 2. Scope of Authorized Testing **Assessment Type:** ___________ **In-Scope Systems/Assets:** ___________ **Out-of-Scope Systems/Assets:** ___________ **IP Addresses/Domains in Scope:** ___________ **Testing Methodology:** ___________ ## 3. Testing Parameters **Testing Window:** ___________ to ___________ **Testing Hours:** ___________ **Notification of Testing:** ___________ **Exploitation Level:** ___________ **Social Engineering Permitted:** ___________ **Denial-of-Service Testing:** ___________
Fields (44)
effective date
date · required
tester name
text · required
client name
text · required
assessment type
select · required
in scope
textarea · required
out of scope
textarea · required
ip ranges
textarea · required
methodology
select · required
testing start
date · required
testing end
date · required
testing hours
select · required
notification
select · required
exploitation level
select · required
social engineering
select · required
dos testing
select · required
notification window
select · required
authorizing executive
text · required
executive title
text · required
emergency contact
text · required
emergency phone
text · required
tester emergency
text · required
tester emergency phone
text · required
critical notification
select · required
data handling
select · required
report format
select · required
report delivery
select · required
retest
select · required
testing fee
text · required
payment structure
select · required
payment terms
select · required
payment method
select · required
late fee
text · required
eo insurance
select · required
cyber insurance
select · required
tester personnel
select · required
lead tester
text · required
certifications
text · required
compliance
select · required
termination notice
select · required
governing state
select · required
tester signer name
text · required
tester signer title
text · required
client signer name
text · required
client signer title
text · required
Send this template with cryptographic proof
Every signed document gets PAdES-LTA digital signatures, dual RFC 3161 timestamps, and a tamper-proof evidence package sealed in WORM storage.