[OWASP-TESTING] final draft of the outline

Revelli Alberto a.revelli at reply.it
Wed May 4 12:13:00 EDT 2005

Cost in $$$ can be very fluctuating, I agree.
But as long as we stick to a rough estimate in (number_of_testers * test_days), I believe that a few hints could be quite helpful.


-----Original Message-----
From: owasp-testing-admin at lists.sourceforge.net on behalf of Daniel
Sent: Wed 5/4/2005 4:55 PM
To: owasp-testing at lists.sourceforge.net
Subject: Re: [OWASP-TESTING] final draft of the outline
I'd like to stay away from the cost factor, as the cost is constantly
changing (example, here in the UK, the day rate changes between 1000
pounds to 1400 pounds, depending on whom you are dealing with)

Simon Roses Femerling said:
> Hi all,
> What about cost, project estimation, etc.. ?
> IMO the document should also provide some directions about this matter. or
> is this subject more relevant to
> Phase One doc. I know this domain is so vast and dynamic (web servers,
> aplication servers, etc..) that is hard to estimate.
> I believe something like OSSTM "Rule of Thumb" would be nice for WAVA, btw
> nice word :)
> Some directions about this subject can be of some benefits, as security
> pros
> can provide customers with
> "real" estimations and customers can get an idea of what to expect of the
> engagement.
> Take care,
> Simon Roses Femerling
> Consultor en Seguridad / IT Security Consultant
> IT Deusto
> http://www.itdeusto.com
> Madrid, Spain
> ----- Original Message -----
> From: "Daniel Cuthbert" <daniel.cuthbert at owasp.org>
> To: <owasp-testing at lists.sourceforge.net>
> Sent: Wednesday, May 04, 2005 2:06 AM
> Subject: [OWASP-TESTING] final draft of the outline
>> hey all,
>> Attached is, what i feel, the final draft of the initial outline.
>> If everyone is happy with what is included, i'll spend the remainder
>> of this week creating the sections in which everyone can choose their
>> chosen topic.
>> Obviously the basic penetration testing tips caused an interesting
>> discussion, i'll have a think about the future of them within the
>> testing guide.
>> Look forward to your feedback
>> Daniel


This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
owasp-testing mailing list
owasp-testing at lists.sourceforge.net

More information about the Owasp-testing mailing list