Comment Re:White Hat Security (Score 5, Informative) 93
The company I work for hired this firm to test our application late last year. I have been very impressed by their results. They perform both automated and manual testing. I receive an email after each test listing the number of vulnerabilities found and their severity. No details are sent through email. I can then log into their portal and read the details. Once an item has been fixed, you can use their portal to schedule that particular item for retest. The interface seems pretty slick and the people I've worked with on their team have been very easy to work with. I don't know how much they charge, unfortunately. I do plan to look into that once my own web application is far enough along.