[PEN-TEST] Researching security audits and if they are worth it.

["K, John" <john_k () HUSHMAIL COM>]

Good Morning Everyone;

        I am trying to gather some information together in research of roughly
how much a security audit would cost and then compare that to staffing your
own security person/team.  So far various searches on the ole web search
engines are not really turning up any actual dollar amounts for a security
audit.  It seams most of the companies create the costs on the fly and 'custom'
build the audit to fit your needs.

        For the sake of simplicity I am looking for estimates on 2 projects.  The
first is a single class C address range.  The audit should be a full remote
assessment and include all bells and whistles provided from a remote test.
 The second project would be an estimate of continued scans every other
month for a year to see if anything new can be found and give a showing
to the company of how they are cleaning their vulnerabilities or not as
the case may warrant.

        If any of the professional security people out there would like to contribute
their knowledge of costs and warnings of outsourcing being better or not
please send me email directly at john_k () hushmail com.  I will most likely
publish at least a small part of this information and can quote specifics
from some companies if they are willing to provide enough information and
contact numbers for customers to follow up with.  If you do NOT want your
company/name information provided just say so in your email and I ensure
you that it will be kept private.

        Thank you and I look forward to your information.

John K.