Which insurers cover penetration testing?

Most major Canadian cyber insurance carriers include some form of penetration testing coverage under their preventive services, loss prevention or pre-breach services provisions. Carriers such as Chubb, AIG, Beazley, CFC, Coalition, Intact and Travelers commonly include these benefits. The specific coverage amount and conditions vary by carrier and policy tier. Check your policy or ask your broker for confirmation.

How do I check if my policy covers penetration testing?

Search your policy documents for the terms security assessment, risk mitigation, loss prevention and pre-breach services. These terms typically appear in the preventive services or risk management section. If you find any of these terms, read the section for dollar limits and qualifying activities. You can also call your broker and ask directly: Does my policy cover penetration testing under any preventive or loss prevention provision?

What documentation does Sherlock Forensics provide for insurance submission?

We provide a complete documentation package for insurance reimbursement: the penetration test report with insurer-ready executive summary, detailed invoice with service descriptions that map to policy coverage categories, tester credentials and certification documentation, scope of work and engagement letter and remediation guidance with CVSS severity ratings. Our reports are specifically formatted for insurance submission.

How long does reimbursement take?

Most carriers process complete reimbursement submissions within 30 to 60 days. The timeline depends on having pre-approval in place before the test and submitting all required documentation. We help you compile the submission package and ensure nothing is missing, which minimizes delays and maximizes the likelihood of approval on the first submission.

Insurance-Covered Security Testing

Get a Pentest Covered by Your Insurance

Your policy probably includes it. We make it easy to claim.

Sherlock Forensics provides penetration testing services designed for cyber insurance reimbursement. Many cyber insurance policies cover annual penetration testing under preventive services, loss prevention or pre-breach services provisions. We handle the entire process: help you check your policy, assist with pre-approval, conduct the test, deliver an insurer-ready report and provide all documentation needed for reimbursement submission. Pricing starts at $1,500 CAD.

Most cyber insurance policies include penetration testing as a covered preventive benefit. The problem is that most policyholders never use it because they do not know it exists or do not know how to claim it. We solve both problems. Our reports are formatted specifically for insurance submission and we guide you through every step from policy check to reimbursement.

Check If Your Policy Covers This Call 604.229.1994

$1,500

Starting price (CAD)

10-25%

Typical premium reduction

30-60

Days to reimbursement

How It Works

Five Steps from Policy Check to Reimbursement

Check Your Policy

Search your policy for "security assessment," "risk mitigation," "loss prevention" or "pre-breach services." These terms indicate penetration testing coverage. Not sure? We wrote a guide to help you find it.

Get Pre-Approval

Contact your carrier or broker and request written pre-approval for penetration testing. We provide a scope of work and cost estimate that you can forward directly. Pre-approval protects your reimbursement claim.

We Conduct the Pentest

Our CISSP-certified team conducts the penetration test using industry-standard methodology (OWASP, NIST, PTES). Testing typically takes 1-2 weeks depending on scope. We test external networks, internal networks, web applications and cloud environments.

Insurer-Ready Report

We deliver a report formatted specifically for insurance submission. It includes an executive summary, CVSS ratings, remediation steps, tester credentials and scope documentation. Every element your carrier requires.

Submit for Reimbursement

We help you compile the complete documentation package: report, invoice, vendor credentials, scope of work and pre-approval confirmation. Submit to your carrier and receive reimbursement within 30-60 days.

Pricing

Covered by Your Policy

EXT

External Penetration Test

From $1,500 CAD

External network penetration test targeting your internet-facing infrastructure. Includes insurer-ready report with executive summary, CVSS ratings and remediation guidance. Typically covered by the preventive services allocation in most cyber insurance policies.

WEB

Web Application Pentest

From $3,000 CAD

OWASP-methodology web application penetration test covering authentication, authorization, input validation, session management and business logic. Full insurer-ready documentation included. Fits within mid-tier policy allocations.

FULL

Comprehensive Pentest

From $5,000 CAD

External, internal and web application penetration testing with full insurer-ready documentation. The most thorough assessment available, designed for organizations with larger policy allocations or those seeking maximum premium reduction at renewal.

All pricing in Canadian dollars. Every engagement includes an insurer-ready report formatted for reimbursement submission. A $1,500 test typically saves $3,000-$10,000 in premium reductions at renewal.

Why This Matters

Three Benefits of Insurance-Covered Testing

Zero Out-of-Pocket Cost

If your policy covers penetration testing, the insurer reimburses the full cost. You get a professional security assessment without spending a dollar from your IT budget. The insurer already priced this benefit into your premium.

10-25%

Lower Premium at Renewal

Organizations that present recent pentest results with remediation evidence at renewal see premium reductions of 10-25%. On a $30,000 annual premium, that saves $3,000 to $7,500 CAD. The test pays for itself multiple times over.

DUE

Claims Protection

A recent pentest is evidence of due diligence that protects your claim if a breach occurs. The five most common claim denial reasons are all addressed by having a recent penetration test on file. It is insurance for your insurance.

Get Started

Check if your policy covers this.

Most cyber insurance policies include penetration testing as a covered benefit. We help you find the coverage, navigate the pre-approval process and deliver a report that your carrier accepts for reimbursement. The entire process takes 2-4 weeks from policy check to submitted documentation.

CISSP, ISSAP, ISSMP certified testing team
Reports formatted for insurance submission
Pre-approval assistance included
Reimbursement documentation provided
Approved vendor on multiple carrier panels

Check If Your Policy Covers This Call 604.229.1994

Frequently Asked Questions

Insurance-Covered Penetration Testing FAQs

Which insurers cover penetration testing?: Most major Canadian cyber insurance carriers include some form of penetration testing coverage under their preventive services, loss prevention or pre-breach services provisions. Carriers such as Chubb, AIG, Beazley, CFC, Coalition, Intact and Travelers commonly include these benefits. The specific coverage amount and conditions vary by carrier and policy tier. Here is how to check your policy.
How do I check if my policy covers penetration testing?: Search your policy documents for the terms "security assessment," "risk mitigation," "loss prevention" and "pre-breach services." If you find any of these terms, read the section for dollar limits and qualifying activities. You can also call your broker and ask directly. Your broker may not volunteer this information, so you need to ask.
What documentation does Sherlock Forensics provide for insurance submission?: We provide a complete documentation package: the penetration test report with insurer-ready executive summary, detailed invoice mapping to policy coverage categories, tester credentials and certification documentation, scope of work and engagement letter and remediation guidance with CVSS severity ratings. Our reports meet all seven criteria that carriers evaluate.
How long does reimbursement take?: Most carriers process complete reimbursement submissions within 30 to 60 days. The timeline depends on having pre-approval in place before the test and submitting all required documentation. We help you compile the submission package and ensure nothing is missing. Full reimbursement guide here.

Your Premium Already Pays for This

Check your policy, get pre-approval and schedule a penetration test that your insurer reimburses. We handle the testing and the paperwork.

Check If Your Policy Covers This

Phone: 604.229.1994
Starting Price: $1,500 CAD
Burnaby Office: Burnaby, BC, Canada
Coquitlam Office: Coquitlam, BC, Canada