Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Starting a new Network Security Division...

From: "Silent Seraph" <silentseraph.lists () gmail com>
Date: Mon, 7 Aug 2006 14:58:26 -0500
Hello all. I have a question that I would greatly appreciate any
information offered for.

Let me give you a bit of background first:
I currently work for a small company that does web-development. I am
one of their programmers, but absolutely love network security and all
things involved, particularly penetration testing and network
reconnaissance/monitoring. I will be getting certified within the next
few months to provide more credibility to my skillset.



I have pitched the idea of opening a new network security division for
our company and spearheading everything involved, including contacting
potential customers, finding customers, completing the pen-testing,
monitoring activity, etc. But I have a few questions...


1) How do current security professionals find potential clients?


2) What are the most common, and even uncommon services provided?


3) Once exploits are discovered on a particular client's network, does
the consultant help secure the network? Or does the consultant write a
report of everything (s)he has found and deliver that to the client?


4) From current professionals, what approaches do you take when finding
potential clients, and how do you pitch your services to the potential
client?


5) How much is the going rate for services today? I am currently in the
Dallas-Fort Worth area, if that gives a better idea of what to
charge...


6) How much would it roughly cost to start this? I'm expecting it not
to be very expensive, since most tools I will be using are open-source
or free and linux/unix based. But if there are some hidden costs that I
may not know about, answers to this question would be extremely
valuable.


7) Any other information you have regarding network security consulting
services will be extremely appreciated.


Thanks in advance to anyone who replies. Any input is extremely
valuable to me.
--SilentSeraph

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: