Humanika
150 porciento logo 150 porciento logo

Cybersecurity and security audits for businesses

At 150 Por Ciento we audit, test and harden your applications and infrastructure before someone else does it for you. Pentesting and audits with findings prioritized by real business risk — not generic scanner dumps.

With experience in sectors that handle sensitive data: healthcare, financial services, education and the public sector.

150 porciento servicios

Technologies we use

  • OWASP Top 10
  • OWASP ASVS
  • Burp Suite
  • Static and dynamic analysis
  • hardening de AWS/GCP
  • ISO 27001 best practices
100+ security audits completed
20+ critical vulnerabilities identified before exploitation
Starting from USD 3,000
Typical timeline 2–4 weeks per security audit
150 porciento servicios

What we solve with cybersecurity

  • ou don’t know how exposed your application or infrastructure is — and you’d rather find out than be found out
  • A corporate client or a regulator requires security evidence before signing
  • You handle sensitive data (health, finance, users) without verified controls
  • You had an incident and need to close the door and demonstrate improvement
  • Your team ships fast, but without security practices built into the cycle

Security is not a product you buy: it’s a state you verify.

150 porciento servicios

What we mean by a security audit

A serious audit combines tools and human judgment:

  • Manual + automated testing: a scanner only finds the obvious; business logic gets broken by hand
  • Prioritized findings: classified by severity and real exploitability, not by volume
  • Two reports: an executive one for leadership and an actionable technical one for the development team
  • Re-verification included: you fix, we retest and certify it

We deliver actionable evidence, not fear.

150 porciento servicios

What kind of solutions we deliver

  • Web and mobile application pentesting
  • Code and cloud infrastructure audits
  • Server and deployment hardening (AWS, GCP, on-premise)
  • Compliance readiness and best practices (OWASP, ISO 27001 as reference)
  • Security built into the development cycle (DevSecOps)
  • Post-incident analysis and response

Note: Since we also build software, our findings come with the proposed fix — and we can implement it.

150 porciento servicios

How we do it

1. Scope and rules of engagement
  • We define what gets tested, when and in which environment
  • NDA and formal authorization for testing
2. Reconnaissance and testing
  • Automated analysis + controlled manual exploitation
  • Business logic, roles and permissions testing
  • No impact on operations: agreed windows and limits
3. Report and remediation plan
  • Executive report framed in business risk
  • Technical report with evidence and remediation steps per finding
  • Walkthrough session with your team
4. Re-verification
  • Retesting of the corrected findings
  • Closure letter for clients, auditors or the board

Preguntas frecuentes

How much does a pentest cost for a web application?




From 3,000 USD for an application with a bounded scope. The price depends on the number of features, user roles and integrations to test. We quote after a free scoping session.

Can the tests affect my operations?




Not if they’re planned well. We agree on time windows, environments (production or staging) and explicit limits before starting. We never run destructive tests without express authorization.

Do you provide evidence I can show clients or auditors?




Yes: an executive report, a technical report and a closure letter after re-verification, with scope and dates. It’s the format procurement teams and auditors ask for.

How often should we audit?




At least once a year, and always after major changes: critical new features, infrastructure migrations or incidents. In regulated sectors, as required by the standard.

Do you work across Latin America?




Yes. Audits run remotely over encrypted channels, and we work in Spanish and English with teams across the region.

Read our Privacy Policy to learn how we protect your data and respect your privacy.