How to Extend the Validity of Astra's Pentest Certificate

After a successful penetration test (Pentest), you will receive a publicly verifiable Pentest certificate, which you can view here. This certificate is valid for 180 days. You can extend the validity for an additional 180 days in one of the following ways:

1. Request a Vetted Scan

If you received your Pentest certificate within the last 180 days, you can request a vetted scan from your dashboard. This scan will identify any vulnerabilities in new features developed since the last assessment.

To convert an automated scan into a vetted scan, simply click the Request Vetting option in the scan settings. This allows you to benefit from the detailed review and validation provided by a vetted scan.

For more information on this process, please visit our guide on converting automated scans

After the vetted scan, our security engineers will review the results and extend the certificate's validity by another 180 days. Please note:

If any critical, high, or medium severity vulnerabilities (with exploitation potential) are identified during the vetted scan, you must address these issues before we can issue an extension for your Pentest certificate.

2. Undergo Another Pentest

If your Pentest certificate is over 180 days old, you will need to complete another Pentest to ensure our engineers can thoroughly assess your application's security before issuing a new certificate. To initiate another Pentest, simply click the Add New Target button as shown below.



Alternatively, you can consult our sales team for assistance and guidance on scheduling a new Pentest.

Note: We provide a 20-day grace period beyond the initial 180 days during which you can extend your Pentest certificate.

Important Considerations

If there have been major releases, numerous new features, or a complete new version of your application since your last Pentest, you will need to opt for a new Pentest (Option 2). This ensures the certificate is issued only after a comprehensive assessment of your application or asset.

Updated on: 24/09/2024