# V003 — External Penetration Test Engagement

> **Status**: NOT STARTED — founder action required
> **Gate**: Phase 2 cannot claim "pentested" until written report exists in `docs/internal/pentest_report_YYYYMMDD.pdf`
> **Budget**: $20,000 – $40,000 USD
> **Target completion**: Week 10

---

## Vendor Shortlist

| Vendor | Strengths | Indicative Quote | Region | Link |
|--------|-----------|------------------|--------|------|
| **Cure53** | Browser + web app focus; strong LLM/prompt-injection experience | $25–35K | Berlin | https://cure53.de |
| **Trail of Bits** | Deep protocol + cryptography + supply chain | $35–50K | NYC | https://www.trailofbits.com |
| **NCC Group** | Enterprise-grade, global presence, SOC 2 alignment | $30–45K | London/NYC | https://www.nccgroup.com |
| **Securinc** | MENA-focused, Arabic+English reporting | $15–25K | Dubai | https://securinc.io |
| **Include Security** | Web + LLM + cloud posture | $25–40K | USA | https://includesecurity.com |

---

## Required Scope (send to vendors verbatim)

1. **Authentication & Session**
   - JWT lifecycle, refresh token rotation, session fixation
   - SSO/SCIM flows (once WorkOS in place — Wave B)
   - MFA bypass attempts
2. **Multi-Tenancy Isolation**
   - PostgreSQL Row-Level Security bypass attempts
   - Cross-tenant data access via ORM, raw SQL, IDOR
   - Tenant context tampering via JWT claims
3. **Authorization (ABAC)**
   - Policy class A/B/C enforcement (Approval Bridge)
   - Approval workflow forgery
   - Evidence Pack tampering
4. **LLM & Prompt Injection**
   - OWASP LLM Top 10 across all 17 structured output endpoints
   - Prompt leakage (model_router, partner dossier, Saudi workflow)
   - Jailbreak via Arabic/RTL encoding tricks
   - Training data leakage via echo attacks
5. **File Uploads / Evidence**
   - Path traversal on uploads
   - Polyglot file attacks
   - SHA256 tamper detection bypass
6. **Webhooks / Integrations**
   - Signature forgery on WhatsApp/Email/ZATCA webhooks
   - Replay attacks
   - SSRF via outbound connectors
7. **Infrastructure**
   - Container escape (if applicable)
   - Redis command injection
   - CORS / CSP review

---

## Deliverables (required from vendor)

1. Executive summary (1–2 pages, Arabic + English preferred)
2. Technical findings per OWASP risk rating (Critical / High / Medium / Low / Info)
3. Reproducer steps for every finding
4. Re-test report after remediation
5. Letter of attestation suitable for customer security questionnaires

---

## Acceptance Criteria (Day 90)

- [ ] Vendor engaged with SOW signed
- [ ] Report received (PDF or signed Markdown)
- [ ] 0 open Critical findings
- [ ] ≤2 open High findings (with remediation plan)
- [ ] Re-test scheduled

---

## Founder Checklist

- [ ] Shortlist 3 vendors from table above
- [ ] Send identical RFP; compare price + scope + timeline
- [ ] Legal: confirm NDA in place before sharing architecture docs
- [ ] Legal: confirm whether SAR or USD invoicing (KSA VAT implications)
- [ ] Allocate technical point-of-contact (founder or senior engineer)
- [ ] Schedule kickoff call with vendor
- [ ] Provide vendor: staging URL, test accounts (Tenant A, Tenant B, admin), architecture brief, this scope doc

---

## Anti-Patterns

- ❌ Claiming "pentested" based on automated scans (Snyk, Trivy, Burp alone)
- ❌ Claiming "pentested" based on internal red-team exercise
- ❌ Time-limited engagement <5 business days
- ❌ Accepting a vendor whose report template has <10 pages