From: Jason Romo (jromo@networkguardian.net)
Date: Fri Feb 04 2005 - 15:41:42 EST
Our tests are based on type of machine (router, switch, server, desktop) and
how long it takes on average to penetrate for. Different devices have
different times to penetrate. We don't look at all devices we only try to
penetrate the network with out raising any alarms with the support/security
staff of the systems/network. Our network assessments provide full reports
of all devices and issues that need mitigation. During our Pentest we treat
it as if we are not authorized, so quite and leave no fingerprint other then
calling cards as proof. This does many things:
1. Tests the IPS/IDS and or other monitoring systems on the network.
2. Tests the support/security staff of these networks.
3. Provides a real world attack test.
4. Many clients have no ideas have have started or even finished our tests.
5. Only one person in the company knows about the test and has no influence
on the test or the results.
We also offer a non-blind test that is just an assessment with proof that
exploits are valid. This is just a normal network assessment with a
validation addition.
Jason
On 2/3/05 8:21 AM, "Andre Derek Protas" <randori82@hotmail.com> wrote:
> Does anyone have any good figures on pricing for pen-tests? Is charging
> done per server, location, or hour? Any help would be appreciated.
>
> ::andre::
>
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today - it's FREE!
> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>
>
-- Jason Romo, CEO/CSO Network Guardian Corporation 1-866-NGC-4SEC Office 972-999-1122 local 214-929-7858 Mobile jromo@networkguardian.net http://www.networkguardian.net
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:15 EDT