Skip to main content

Estimation

What information is needed in order to provide a quotation?

To provide a quotation, we need to determine the target of evaluation (scope). So, we require the following information:

One-Shot Hacking (by project):

  • How many ports are included in the scope?

  • How many inputs of applications are included in the scope?

  • How many LoC are included in the scope? We recommend running CLOC in order to facilitate quantification.

  • It would be desirable to obtain the access credentials (standard user, not privileges) to the applications in cases where this will be included.

Continuous Hacking (SDLC): Under this model, we need to know how many active authors will be involved in the project.

Regarding the Health Check estimation, the same considerations apply as for One-Shot Hacking, so the client should also provide the corresponding information as mentioned above.