Penetration Testing mailing list archives
Pen-testing - pricing model
From: Chris Stromblad <chris () fragzone se>
Date: Thu, 30 Nov 2006 09:59:58 +0000
Hi list,Those of you who work with this professionally, what sort of pricing model do you use? How do you assess what should be charged for the test? Considering the fact that there are many types of pen-tests and all have different scope. I'm having a hard time figuring out if the prices that has been given to me are reasonable.
Say I were to give you one of the following scenarios, what would you charge (roughly):
1. "Black box with shades of gray", 2 /24 networks, not all devices are active. External scan.
2. Internal scan, only devices 3. Internal scan, procedures, physical security and devicesI know this question is somewhat difficult to answer, because there is no correct answer, but any advice is welcome.
Cheers, Chris ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Pen-testing - pricing model Chris Stromblad (Dec 01)
- RE: Pen-testing - pricing model Omar Herrera (Dec 03)
- Re: Pen-testing - pricing model Michael Weber (Dec 03)
- Re: Pen-testing - pricing model Christine Kronberg (Dec 03)
- Re: Pen-testing - pricing model Davide Carnevali (Dec 04)
- Re: Pen-testing - pricing model Kish Pent (Dec 10)
- Re: Pen-testing - pricing model Christine Kronberg (Dec 11)
- Re: Pen-testing - pricing model Davide Carnevali (Dec 13)
- Re: Pen-testing - pricing model Clint Laskowski (Dec 16)
- Re: Pen-testing - pricing model Christine Kronberg (Dec 16)
- Re: Pen-testing - pricing model Davide Carnevali (Dec 16)
- Re: Pen-testing - pricing model Kish Pent (Dec 10)