VAPT Scoping — Osto Cybersecurity

Organisation

Basic details about your company

Company name *

Your name & designation *

Work email *

Phone number *

Industry / sector *

What needs to be tested?

Select all that apply — follow-up questions appear for each

Components in scope *

Web Application API Cloud Infrastructure Mobile App Network / Infrastructure

Web Application

Details about your web app(s)

How many web applications need to be tested? *

URL(s) of each application *

One URL per line

Where are the web applications hosted? *

How many user roles exist? *

e.g. Admin, Manager, End User, Guest = 4 roles

Testing environment *

Production (live) Staging / UAT Development Dedicated test env

API

Details about your APIs

How many APIs / microservices need to be tested? *

Approximate total number of endpoints across all APIs *

Base URL(s) of each API *

One per line

Where are the APIs hosted? *

Is API documentation available?

Postman collection Swagger / OpenAPI Internal docs only No documentation

Cloud Infrastructure

Select the services we should assess

How many cloud accounts / projects are in scope? *

Domains / subdomains in scope

One per line. Leave blank if not applicable.

IP ranges / CIDRs in scope

Mobile Application

Details about your mobile app(s)

Platform(s) in scope *

Android iOS Both

App name(s) and Play Store / App Store link(s)

Network / Infrastructure

Internal and external network scope

IP ranges / CIDRs in scope *

Approximate number of live hosts

Is internal network access required?

Yes

No

Source Code Review

Static analysis to identify vulnerabilities directly in your codebase

Is a Source Code Review required? *

Yes

No

How many repositories / services? *

Primary language(s) / framework(s)

Repository access method

GitHub GitLab Bitbucket ZIP archive

Anything else?

Known concerns, deadlines, or context for our team

Additional notes

e.g. specific features to focus on, recent changes, compliance deadlines, suspected vulnerabilities

Tell us about your environment

Scoping details received