What is it that we need to know?
The cost of professional Web Application Continuous Security Testing will depend on those elements included in the scope agreed between yourself and Claranet Cyber Security. It will always be determined by how much needs to be tested and by when. With a scope worked out between us, we will be able to determine the number of security engineers that are required to deliver the Continuous Security Testing. Other factors affecting the scope include the number of users you have and the number of dynamic pages that need to be tested. To give you a guide to what you can expect, we have included examples of the types of questions that we will be asking in order to produce the scoping document and from that an accurate quotation of the annual subscription cost. Although there are simple pricing guides as you move down the page, the final cost will be dependent on what is included in the final scoping document agreed with yourself.
Some basic questions
Technical Application Features
Authentication and Authorisation
Application Specific Features
Once the data has been collected, we will use the Service Tiers and the Application Complexity Levels to work out an estimated annual subscription. The estimated cost will be confirmed when all the information is gathered and entered into a Statement of Work for your approval.
Service Tiers
A Service Tier will define the time and type of testing to be performed against a given web application target. This is not to be confused with 'Application Level' which relates to the technical composition and complexity of the application.
The higher the Service Tier, the longer the time it will take to assess the target application. This correlates to the amount of manual penetration testing required to cover those areas that cannot be reached by automated tools.
Application Complexity Levels
Application complexity and the associated levels are determined by the Continuous Security Testing Technical Engineering Scoping Team.
Application complexity ratings are used to assess the Service Tier requirements. A higher Service Tier will be selected for applications that are more complex.
Service Tiers
Application Complexity Levels
A La Carte Pricing
Based on these calculations, it is possible to estimate the resources needed within the scope.
Subscription Based Pricing
Having determined the extent of the scope, the subscription package can be calculated.