Penetration Testing mailing list archives
Re: Pen-test pricing
From: Jason Romo <jromo () networkguardian net>
Date: Fri, 04 Feb 2005 14:41:42 -0600
Our tests are based on type of machine (router, switch, server, desktop) and how long it takes on average to penetrate for. Different devices have different times to penetrate. We don't look at all devices we only try to penetrate the network with out raising any alarms with the support/security staff of the systems/network. Our network assessments provide full reports of all devices and issues that need mitigation. During our Pentest we treat it as if we are not authorized, so quite and leave no fingerprint other then calling cards as proof. This does many things: 1. Tests the IPS/IDS and or other monitoring systems on the network. 2. Tests the support/security staff of these networks. 3. Provides a real world attack test. 4. Many clients have no ideas have have started or even finished our tests. 5. Only one person in the company knows about the test and has no influence on the test or the results. We also offer a non-blind test that is just an assessment with proof that exploits are valid. This is just a normal network assessment with a validation addition. Jason On 2/3/05 8:21 AM, "Andre Derek Protas" <randori82 () hotmail com> wrote:
Does anyone have any good figures on pricing for pen-tests? Is charging done per server, location, or hour? Any help would be appreciated. ::andre:: _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
-- Jason Romo, CEO/CSO Network Guardian Corporation 1-866-NGC-4SEC Office 972-999-1122 local 214-929-7858 Mobile jromo () networkguardian net http://www.networkguardian.net
Current thread:
- Pen-test pricing Andre Derek Protas (Feb 03)
- Re: Pen-test pricing Faisal Khan (Feb 04)
- Re: Pen-test pricing Nathan Sportsman (Feb 04)
- Re: Pen-test pricing Marc (Feb 04)
- RE: Pen-test pricing Tyler Markowsky (Feb 04)
- Re: Pen-test pricing Adam Chesnutt (Feb 04)
- Re: Pen-test pricing Matthew Caston (Feb 04)
- Re: Pen-test pricing Jason Romo (Feb 04)
- <Possible follow-ups>
- Re: Pen-test pricing Christoph Puppe (Feb 04)
- Re: Pen-test pricing (long) Volker Tanger (Feb 04)