Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Penetration Testing work effort

From: alfredhitchcock_007 () yahoo com
Date: 18 Sep 2006 11:28:11 -0000
I agree, that it depends on the skills of the tester. But say If a co. approaches u and says that they want to carry 
out Security Audit for Network devices, applications then how to calculate how much time would be required to do a test 
on a single network device and an application. Point to be remembered here is that it would be a black box. This is 
like repsonding to the proposal and giving them the estimation. Say the network devices are 50 which comprise of 10 
routers, 10 F/w and 30 switches and 1 huge application which is a online trading application. then how to calculate the 
man effort per device. what would be the duration that should be specified to the client. This is just an example.

I am trying to find out if anybody has developed such costing and time estimation model that can be given to the client 
before the project start (this would be in bid phase)

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: