Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: [SCADASEC] 11. Re: SCADA Security - Software fee's
From: Valdis.Kletnieks () vt edu
Date: Sat, 21 Feb 2009 21:30:01 -0500

On Fri, 20 Feb 2009 09:24:29 EST, Smoking Gun said:

Ironically, your own quote"company"quote offered penetration testing
services at the insane pricing scheme of "we'll pentest0r joo for free
and if we find something you can pay us to find other holes!".

And how, exactly, is that an "insane" pricing scheme?  If you think about
it for a bit, it actually makes quite a bit of sense - Snosoft needs to prove
they're in fact good enough to be able to find the holes you're paying them
to find, or it doesn't cost anything.

That *sure* as hell beats paying $100K for a pen test, and then finding out
that you hired a bunch of asswipes who can't find holes.

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]