| Hours | Hourly | Total Cost | +15% | -15% | |
| Analysis | |||||
| Matt Messier | 43 | $35.00 | $1,505.00 | $1,730.75 | $1,279.25 |
| Bob Fleck | 36 | $35.00 | $1,260.00 | $1,449.00 | $1,071.00 |
| Report Generation | |||||
| Matt Messier | 9 | $35.00 | $315.00 | $362.25 | $267.75 |
| Bob Fleck | 8 | $35.00 | $280.00 | $322.00 | $238.00 |
| John Viega | 3 | $35.00 | $105.00 | $120.75 | $89.25 |
| Subtotal | 99 | $3,465.00 | $3,984.75 | $2,945.25 | |
| Benefits @ 28% | $970.20 | $1,115.73 | $824.67 | ||
| Subtotal | $4,435.20 | $5,100.48 | $3,769.92 | ||
| Median Cost +/- 15% | $4,435.20 | +/-$665.28 |
This cost analysis was performed using the method of the example cost analysis at:
http://staff.washington.edu/dittrich/misc/faqs/incidentcosts.faq
Salaries were set at $70,000 and an overhead rate of 28% was used.
The above numbers only reflect time spent examining and reporting on the binary, and do not include costs associated with lost productivity of users or IT staff.
Experience of Analysis Team
Matt Messier has over fifteen years of programming experience and three years of experience in security research. He is a co-author of the forthcoming book Network Security with OpenSSL.
Bob Fleck has been working as a security consultant and researcher for three years. He has been involved in reverse engineering and programming for more than eight years.
John Viega has five years of experience in security research and consulting, and has nine years of development experience. He is the co-author of Building Secure Software, as well as the forthcoming books Network Security with OpenSSL and Secure Programming Cookbook.