Network Security: Detailed info on Re: Charging customers on security

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security SecProg

[Top] [All Lists]

Re: Charging customers on security

from [Jesper Anderson] Network Security

[Permanent Link]

Subject:	Re: Charging customers on security
Date:	Wed, 29 Sep 2004 19:39:36 +0200

On Tue, Sep 28, 2004 at 04:29:19PM -0400, Wesley Shields wrote:


Yes, and there is no excuse for not expending that effort.  Keeping the
cost to a customer low is a sound business decision, but it quickly
becomes outweighed by the number of bugs left open when not expending
the effort to fix them because it will cost more money.


So what do you do when you are consistently outbid by developers
who make the code work, and don't care about security - and the PHB's
buy their services instead of yours?

There are plenty of excuses to not extend that effort. That is what
spawned this whole discussion - how do you persuade the PHB that
you actually are worth more money because your code will be secure?

Personally, I'd rather pay more to know that the code was developed as
best as it can possibly be developed than to pay less knowing there are
some bugs.


What you'd rather do doesn't help when the person buying doesn't.

Jesper

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Charging customers on security, King Pang Re: Charging customers on security, wirepair Re: Charging customers on security, ovi RE: Charging customers on security, Koen Vingerhoets Re: Charging customers on security, Glynn Clements RE: Charging customers on security, Yvan Boily Re: Charging customers on security, Wesley Shields Re: Charging customers on security, Jesper Anderson <= RE: Charging customers on security, Yoav Nir RE: Charging customers on security, Jediah Re: Charging customers on security, Steve Friedl Re: Charging customers on security, Michael E.Conlen Re: Charging customers on security, Jeff Williams Re: Charging customers on security, Adam Shostack Re: Charging customers on security, S. M. Re: Charging customers on security, exon RE: Charging customers on security, Yvan Boily RE: Charging customers on security, Chris Matthews

Previous by Date:	Re: Charging customers on security, Wesley Shields
Next by Date:	RE: Charging customers on security, Michael Wojcik
Previous by Thread:	Re: Charging customers on security, Wesley Shields
Next by Thread:	RE: Charging customers on security, Yoav Nir
Indexes:	[Date] [Thread] [Top] [All Lists]