Pen Testing as a Service (PTaaS) is a subscription-based security testing service offered by Pen Test Partners, designed to complement traditional point-in-time penetration tests by enabling on-demand, targeted testing of changes made to systems and applications. The service is structured around a tiered, subscription model where clients purchase a block of testing time in advance, which can be drawn down as needed. Testing is billed in half-day increments, making it suited for scoped tasks ranging from a half day up to two days. For larger engagements estimated at three or more days, clients are directed to a conventional penetration testing engagement. PTaaS is particularly suited to environments operating continuous development workflows such as CI/CD, where repeated full penetration tests are cost-prohibitive. Rather than re-testing an entire system, clients can request targeted testing of specific changes — such as a new function in a web application or a modification to infrastructure components. Clients interact with the service through a dedicated PTaaS portal, where they enter a description of the change to be tested, along with any required credentials or access details. The scope is determined within minutes of submission, and testing can begin immediately. Results are delivered in real time, with a concise report provided at the end of the test window. A one-time authorization is required at the start of the contract to establish legal permission to test. The service covers the following asset types: - External infrastructure - Web applications - Mobile applications - APIs PTaaS is intended to be used alongside an initial full manual penetration test, which establishes a security baseline. Subsequent PTaaS engagements are then used to validate security of incremental changes against that baseline.