Penetration Testing
Security Services
KanREN has established a partnership with Coalfire to provide penetration testing services to its members. Coalfire brings extensive experience in cybersecurity assessment and compliance, having worked with Kansas Board of Regents (KBOR) institutions. The firm’s proven expertise and deep understanding of the regulatory environments in higher education, government, and healthcare make it a trusted partner in advancing members’ information security posture.
Key Deliverables:
Project and technical oversight
Security assessment services
Final reports with executive summary
Detailed findings with risk ratings
Tactical remediation guidance
Established Contract
KanREN members benefit from our thorough RFP process and the resulting selection of Coalfire as a trusted partner. With an established contract and pre-negotiated pricing, institutions can access these services efficiently and with confidence.
Tiered, Fixed Pricing Model
We have collaborated with Coalfire to develop a tiered pricing model, ensuring that these security services are accessible to members of all sizes.
Remediation Focus
Coalfire works with participating members to not only report on findings, but also includes strategic tactical remediation guidance.
Compliance Confidence
Testing supports FERPA, GLBA, HIPAA, and NIST 800-171 readiness, ensuring that participating members can operate within the highest security standards.
Services
Internal/External Penetration Testing
Comprehensive, expert-led testing of your internal and external networks to identify risks and provide clear, actionable remediation guidance.
| Scope | Price | Details |
|---|---|---|
| External Penetration Testing | ||
| Small | $8,515 | Testing includes up to 15 externally facing machines/hosts and one round of retest within 90 days. |
| Large | $13,120 | Testing includes up to 75 externally facing machines/hosts and one round of retest within 90 days. |
| Internal Penetration Testing | ||
| Small | $10,160 | Testing starting from one network, includes up to 50 internal machines/hosts and one round of retest within 90 days. |
| Medium | $14,405 | Testing starting from one network, includes up to 300 internal machines/hosts and one round of retests within 90 days. |
| Large | $18,655 | Testing includes up to 75 externally facing machines/hosts and one round of retest within 90 days. |
Web Application Security Assessment Services
Thorough, context-aware testing of your web applications to uncover vulnerabilities, validate risks, and deliver clear, actionable remediation steps.
| Scope | Price | Details |
|---|---|---|
| External Penetration Testing | ||
| Small | $12,603 | Scoped to one (1) web application. The application contains no more than a combined 25 input forms or web services (Application Programming Interface (API)) methods. Application with 1–2 roles and limited or no data segmentation across users with the same role. Testing timeboxed to 3–4 days of active testing. |
| Medium | $17,109 | Scoped to one (1) web application. Application with more than 2 roles and has horizontal data segmentation. Testing timeboxed to ~5 days of active testing. |
| Large | $22,960 | Scoped to one (1) web application. Complex application with more than 3 roles, granular data segmentation rules, and complex feature. Testing timeboxed to ~7 days of active testing. |
Custom Quotes Available: For specialized service needs, contact info@kanren.org. Required for healthcare organizations due to system sensitivity.