I recognise Insight (going by the name & logo) as one that is on at least one of our larger clients' (we work on systems to manage regulatory compliance, primarily with investment banks) PSLs for application penetration testing. Assuming this is the same company and not some small-fry crook who is trying to steal their thunder (I've not looked in any depth beyond "I know that logo"), that would suggest that the report is not of the "pay to pass" variety. There would be some noise if a company on the banks' security provider PSLs were found to be offering pay-to-pass security audits.
Such companies sometimes offer a range of penetration testing options from relatively superficial to aggressive, in-depth, and detailed, so you'd need to read the report (I will when I have more time as we are considering Bitwarden for our credential management) to see if what it is saying is sufficiently reassuring.
Such companies sometimes offer a range of penetration testing options from relatively superficial to aggressive, in-depth, and detailed, so you'd need to read the report (I will when I have more time as we are considering Bitwarden for our credential management) to see if what it is saying is sufficiently reassuring.