Penetration Testing mailing list archives
RE: What to spend on a pentest
From: "Michael Scheidell" <scheidell () secnap net>
Date: Tue, 1 Aug 2006 22:40:07 -0400
-----Original Message----- From: mttdavis () hotmail com [mailto:mttdavis () hotmail com] Sent: Tuesday, August 01, 2006 11:33 AM To: pen-test () securityfocus com Subject: What to spend on a pentest Can someone tell me what is a fair amount to spend on a decent pen-test with a simple class C network?
Google for "penetration testing" and maybe your state (not that the internet is bound by states) Find a few companies that look like they know what they are doing and ask them for a price and an outline of their methodology. Also, are you looking for a 'hack the flag' test? Go till someone plants a file on a protected computer? Or obtains otherwise restricted information? Or are you looking for a full list of all possible vulnerabilities? Are you going to ask for a test of the whole class c? or are you going to give them a list of ip's you want to test? (if they have to guess, or have to test all 255 ip's, it could cost more) Big players will give you a specific/canned set of tests. Some of the smaller companies might be able to do something custom. Get some quotes, throw away the most expensive and the cheapest. Customer references will be hard (unless you identify yourself other than from an anonymous 'hotmail' account) Pick from the rest. -- Michael Scheidell, CTO 561-999-5000, ext 1131 SECNAP Network Security Corporation Take a vacation from Spam: UP to 25% off of SpammerTrap services http://www.spammertrap.com/vacation ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
Current thread:
- What to spend on a pentest mttdavis (Aug 01)
- Re: What to spend on a pentest Jacob Weeks (Aug 02)
- <Possible follow-ups>
- Re: What to spend on a pentest shiri_yacov (Aug 02)
- RE: What to spend on a pentest Michael Scheidell (Aug 02)
- Re: What to spend on a pentest Michael Weber (Aug 02)
- Re: What to spend on a pentest Jason T. Hallahan (Aug 03)
- Re: What to spend on a pentest Intel96 (Aug 03)
- RE: [lists] Re: What to spend on a pentest Curt Purdy (Aug 05)
- Re: [lists] Re: What to spend on a pentest David M. Zendzian (Aug 05)
- Re: What to spend on a pentest Michael Weber (Aug 04)