Budget options to secure your Killer Applications

By Paladion

November 26, 2009

1. Periodic Vulnerability Scanning*
(Catch network and standard application-level vulnerabilities)

2. Periodic Application Scanning*
(Catch application-level vulnerabilities like SQL injection, cross-site scripting, etc.)

3. Periodic Application Penetration Test*
(Comprehensively catch application-level vulnerabilities like SQL injection, cross-site scripting, etc., including business logic security flaws)
~ $750

4. Periodic Security Code Review* (Replaces 2 & 3)
(More comprehensive than 2 & 3, and also catches accidental or deliberate backdoors in your source code)
~ $1000

5. Daily Website Malware Scanning
(Catch malware infections on the publicly accessible pages of your websites)
~ $50

6. Developer Training* on Secure Coding Guidelines
(Reduce security bugs by educating developers)
~ $500

7. Security Log Monitoring*
(Monitor your web servers, firewalls, routers, etc. in real time to catch and deflect security attacks as they happen)
~ $1000

Budgeting Guide Per Month (US$)

Minimum Budget: Go for 1, 2 (~ $650)
Modest Budget: Go for 1, 3, 5, 6 (~ $1450)
Recommended Budget: Go for 1, 4, 5, 6, 7 (~ $2700)

* — Recommended by PCI DSS.

Estimates are based on scopes we have seen among start-up and mid-size software companies with revenues of less than $50M.
