Ongoing Engagement Pricing
An organization who wishes to have a certain measure of security will request a one-time testing engagement and may or may not have that repeated on an annual basis. An organization who desires to add an extra level of protection for its data will request an annual testing engagement, followed by a continual quarterly service.
One-time intense testing has advantages and disadvantages. The advantage is that the security tester will be completely focused on your site during the testing. The disadvantage is some real-world attacks require many weeks or months to fully perform, so they will not be completed by the end of a one-time engagement.
Continual Quarterly Service
The continual quarterly service has several advantages:
- Longer attacks can be carried out, which normally would not have time to be completed during a one-time testing engagement.
- Your network will be evaluated on a continual basis, with most testing aspect being performed four times within the year.
- The latest attacks and n-days will be tested against your organization much more quickly, soon after being made public.
Annual Testing: ~5% less
Semi-Annual Testing: ~10% less
Quarterly Testing: ~15% less
Note: Savings assume an initial full-scope engagement