Open Source and information security mailing list archives
Date: Thu Jan 19 18:47:27 2006
From: greybrimstone at aim.com (greybrimstone@....com)
Subject: Vulnerability/Penetration Testing Tools - [TCO Thread]

Just organizing the threads here...

-Adriel

-----Original Message-----
From: Madison, Marc <mmadison@...i.com>
To: Valdis.Kletnieks@...edu
Cc: full-disclosure@...ts.grok.org.uk
Sent: Wed, 18 Jan 2006 11:36:04 -0600
Subject: RE: [Full-disclosure] Vulnerability/Penetration Testing Tools


Valdis Kletnieks wrote:

>Something to keep in mind however - many people make that comparison,
>and don't calculate the *TOTAL* cost.

>If your developer is getting paid $60K/year, the *encumbered* cost
>(benefits, office, etc) is close to twice that.  And if he's writing
>an in-house BidiBLAH, that's time he's *not* writing stuff you *can't*
>buy off-the-shelf.
>As a result, it breaks out as:

>BidiBLAH:         $10,000

>scripting class:  $350
>6 man-weeks time: $15,000

>OK? Got that?  Suddenly doesn't look like such a good deal, does it?
>Maybe you *should* just buy BidiBLAH, and have that guy coding that
>custom interface between two in-house systems instead....

>(And don't say "I only pay my developer $30K, so he can take 2
>man-months to do it" - the kind of developer you can keep for $30K is
>probably going to take a lot more than twice as long as the $60K
>developer.....)


I understand your point about TCO, even though you don't make a very
good case for it.  As for BidiBLAH, maybe you should look at the product
before speaking about it!  If you have used this product then please
give me your insight as to what you think and why.  Really, if you're
currently using this product I want to know what you think!

Now for the Math, and why your TCO argument wasn't so good,

Developer $60K/year divided by the adopted 2080 man-hours a year (this is
the average hours worked, 40 hour week, 5 days, etc...) = $28.85/hourly,
so.....


BidiBLAH:           $10,000
Scripting class:        $350

6 man-weeks time:       $6924.00


Like you said, "many people make that comparison, and don't calculate
the *TOTAL* cost".

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

