I would try to evaluate necessary time to do the job and charge XX dinars (or
dollars) per 8 hours day
On Thu Nov 30 10:59 , Chris Stromblad sent:
Hi list,
Those of you who work with this professionally, what sort of pricing
model do you use? How do you assess what should be charged for the test?
Considering the fact that there are many types of pen-tests and all have
different scope. I'm having a hard time figuring out if the prices that
has been given to me are reasonable.
Say I were to give you one of the following scenarios, what would you
charge (roughly):
1. "Black box with shades of gray", 2 /24 networks, not all devices are
active. External scan.
2. Internal scan, only devices
3. Internal scan, procedures, physical security and devices
I know this question is somewhat difficult to answer, because there is
no correct answer, but any advice is welcome.
Cheers,
Chris
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php\?camp=701600000008bOW
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
