
Although I haven't really been asked this question yet, it might be something on your mind.
As you may already know, the core values of ZeroBit are: Accessibility, custom work, quality, and trust.
It is that second value, custom work, that doesn't allow us to put a standard price on a pentest. Do you have 5 computers, or 500? Do you have 1 server, or 20? Is your application purely informational, or are there different roles available, each with their own permissions?
As you can see, we need to get a picture of what exactly you want tested before we can put together a price.
Don't know exactly what you want tested, or is the price still too much? No panic! Fortunately, there is also something called the VLAIO Improvement Program. A clear program for every type of business. On top of that, VLAIO covers 50% of the costs, which you don't have to advance.
When determining a price, things are taken into account as explained in our previous blog post "How does the sales process work at ZeroBit". Shall we put some numbers on it?
Administration: this is almost always 1 hour. It includes both setting up the internal project structure and all communication and contractual actions.
Pentesting itself: this is the component that varies the most. To take a Web Application as an example, we would always like to allocate 5-8 days for this.
Reporting: although this seems self-evident, a report must also be prepared. All results from the previous step must be poured into a clear report. All our notes are converted into a workable document for you as a business. Average turnaround time: 2-3 days.
Quality assurance: every time I have a document ready to send, I assume there is at least 1 error still in the document. That's why we invest extra time to ensure that the report that lands on your desk is as accurate as possible. Average turnaround time: 4-6 hours.
Closing meeting: of course, the project needs to be wrapped up properly. We prefer to do this during a live meeting, where we deliver our final document. Although I say "final" here, there is always room for change. We love hearing your response to our observations. Perhaps there is a good reason for certain observations, and we need to adjust our recommendations!
So if we put all these topics into a table, we get the following:
Topic — Avg. Time in hours: Administration 1, Pentesting 50, Reporting 20, Quality Assurance 16, Closing meeting 1. Total: 88 hours.
To determine the definitive price, we multiply this number of hours by an hourly rate.
NOTE: This is only an indication. The actual duration varies from project to project!
Would you also like to request a quote? Contact us without obligation via the form below.