Pentera Reviews

Name: Pentera
Brand: Pentera
Rating: 3.9 (10 reviews)

3.9 out of 5

10 reviews
100% willing to recommend

What is Pentera?

Pentera is the category leader for Automated Security Validation, allowing every organization to evaluate its security readiness, to know its real security risk at any given moment. Test all cybersecurity layers across the attack surface – inside and out – by safely emulating attacks & prioritize patching with a risk-based remediation roadmap.

Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited. For more info visit: pentera.io

Get the Breach and Attack Simulation (BAS) Buyer's Guide and find out what your peers are saying about Pentera, Akamai Guardicore Segmentation, Cymulate and more!

Pentera is the #2 ranked solution in top Penetration Testing Services and Breach and Attack Simulation vendors. PeerSpot users give Pentera an average rating of 7.8 out of 10. Pentera is most commonly compared to Akamai Guardicore Segmentation: Pentera vs Akamai Guardicore Segmentation. Pentera is popular among the large enterprise segment, accounting for 58% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 14% of all views.

Buyer's Guide

Breach and Attack Simulation (BAS)

July 2025

Get the category report

Helped 861,524 peers since 2012

Featured Pentera reviews

Sabbir Ahmed

Director at Infosonik Systems Ltd

Comprehensive Attack Surface includes several features. Omni Attack Surface discovers, assesses, and exploits vulnerabilities across both internal networks and external assets, including cloud environments from a single platform. External Attack Surface Management (EASM) and Internal Network Validation test internal security controls and identify weaknesses within the internal network. Automated Penetration Testing features are provided through the Pentera Surface module. Surface provides automated validation and penetration testing features with a proactive, continuous, and highly realistic approach to cybersecurity validation, helping organizations understand and reduce their true cyber exposure. They have AI-based reporting that leverages AI to identify patterns of exploitability over time, aggregate results across sites, and highlight recurring weaknesses. They offer two types of reports: an elaborate technical report for CTOs and an Executive Summary for management. When customers see the reports after completing the POC, they are impressed by how detailed the technical report is, while management can understand what actions need to be taken to protect their network and infrastructure. Recent Gartner reports indicate that traditional VAPT companies perform vulnerability testing at specific times, which creates security gaps. Pentera provides continuous validation, running 24/7 in the infrastructure. This means when any vulnerability appears due to firmware upgrades, OS updates, or software changes, it can be automatically identified in real-time.

Read full review

Richard Marlow

Vulnerability Testing Manager at Frasers Group

The tool is quite scalable. There's a one-to-one relationship between the engine and how many scans we can do. We can only do one scan with one engine. We had some issues around the password assessments because we added a lot of users. It took a long time. I rate the scalability a seven out of ten. We have three users in our organization.

Read full review

Jon Medvenics

Chief Hacker at Heretek

One of the big issues we have is that the tool has an additional license for compromised credentials. Suppose compromised credentials for any of your domains appear in leaks, dumps, or are being sold. In that case, they try to aggregate that data and highlight that, for example, ten users appeared in recent dumps as compromised credentials. However, they don't provide much information about where those compromises came from or their source information, probably to protect their sources. Also, if you have credentials and want to check if they're still valid or can still be used, and you confirm they can't be used (maybe they're from a leak or a twenty-year-old database), there's no way for you to flag that these credentials aren't a problem anymore. The solution has a sort of flat report. It's annoying to go through lots of legwork only to see the same names or credentials still there, and you can't do anything about it in their portal. We've given them feedback, but I think it's probably on their long list of feature requests to address. For me, that would be a greater user configuration of the tests performed on a granular level. As I mentioned with Cymulate, they show you every line of code they will run and what tool is being used, step by step. Pentera is more closed in that regard. If Pentera released a feature that allows you to alter the attack path or change the command, that would be incredibly useful. Pentera might use one or a few different methods to do something, but if none of those work, it will just say everything is fine and secure. If Pentera could adapt or change based on what it finds in the environment, that would be very valuable. As a customer, we understand our environments better than an automated tool, so providing context to help the tool get better results would be valuable.

Read full review

Pentera mindshare

Product category:

As of July 2025, the mindshare of Pentera in the Breach and Attack Simulation (BAS) category stands at 29.3%, up from 28.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Breach and Attack Simulation (BAS)

Key learnings from peers

Last updated Jul 13, 2025

Valuable Features

Pentera's most valuable features include continuous vulnerability assessment, automated testing via Pentera Surface, attack surface mapping, evidence-based remediation, AI-based reporting, and automated penetration testing. It allows credential and vulnerability management, real-time exploit demonstration, and fast retesting to validate fixes. Users appreciate its usability, enabling quicker internal tests typically outsourced, and find its detailed technical reports and executive summaries impressive and actionable. Its SaaS platform discovers and addresses vulnerabilities in both internal networks and external assets efficiently.

"Pentera has many authentic features."
"Pentera has many authentic features."
"The platform's most valuable features are credential management and vulnerability management."

Room for Improvement

Pentera users see a need for enhanced dashboards and licensing flexibility. They request better support for new graphic cards and virtual environments, improved pricing structure with lower entry requirements, and more granular control for testing. Users express difficulty with redundancy in reports, calling for better adaptability and transparency in attack path methodologies. Centralized monitoring and better scalability for smaller networks are also highlighted as areas that require attention.

"The licensing and IP management need improvement. When the IP is imported into a system, we cannot withdraw or revoke the license."
"The licensing and IP management need improvement."
"One area for product improvement could be the inclusion of a dashboard to cover multiple branches and subsidiaries, allowing for centralized monitoring."

ROI

Organizations benefit from Pentera by automating penetration testing, reducing expenses on external firms. While it doesn't cover every aspect, it proves valuable for initial assessments and verifying fixes. Some users find ROI favorable, yet face challenges with higher prices due to licensing changes. Smaller environments see limited gains, but larger ones potentially maximize investments through Pentera's capabilities.

Pricing

Enterprise buyers experience varied pricing perceptions for Pentera. Some find it relatively inexpensive and worth the investment for its effectiveness in identifying ransomware vulnerabilities. However, others see it as quite costly, suggesting it could be more cost-effective. The annual licensing fee, covering all features, averages about 120,000 US dollars per year. These costs are perceived as reasonable, with some users rating pricing a three out of ten.

"The product's cost is reasonable. I rate the pricing a three out of ten."
"The tool is relatively cheap."
"It's not that expensive, but it could be more cost-effective."

Popular Use Cases

Pentera is primarily used for automated penetration testing, compliance checks, and vulnerability management. Users employ it for test simulations on servers to identify vulnerabilities, supplement vulnerability programs, and automate regular pen testing. It's valuable for password strength assessments and ransomware testing. Features include comprehensive attack surface coverage, real-world attack emulation, and risk-based prioritization. It's used by financial organizations, telecommunications companies, and government entities, aligning with Mitre ATT&CK for standardized adversary tactic understanding.

Service and Support

Pentera's technical support team is helpful and quick to provide guidance. Users generally find the support rate between eight to nine out of ten. Some users report slower responses for code updates and varying help levels due to the experience of personnel. Although the team is quick to respond, some find the documentation outdated with gaps. There is interest in more feature improvements and enhanced support in future contracts.

Deployment

Pentera's initial setup is noted for being easy and efficient. Integration is simple and deployment varies from a few hours to a few days, influenced by factors like IP alignment and permissions. Users need minimal networking knowledge or Linux expertise for installation. It can be cloud-based or on-premises, involving scanning nodes and dynamic attack nodes. Comparisons to other scanners highlight its straightforward setup, requiring internal network visibility and possible adjustments for security policies.

Scalability

Pentera is noted for its scalability, highly rated by several users. It handles sizable user bases effectively, provided minimum requirements are met. Instances show Pentera can accommodate various user configurations, though there are challenges with specific capabilities, like the lengthy scan times when adding numerous users. Users highlight its capability to scale with both user and task numbers, maintaining functionality across different environments.

Stability

Pentera demonstrates impressive stability according to users, with most rating it between seven and ten. Experiences are largely positive, highlighting that Pentera does not disrupt network services. Some faced minor initial issues, quickly resolved, which they attribute not to Pentera itself. Enthusiasts rate stability highly, indicating rare problems. While a few encountered occasional stability issues, they still express satisfaction.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Breach and Attack Simulation (BAS) Buyer's Guide for additional reliable information.