Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It wasn't even that expensive. Ada security audit from tekta in Spain was under 4k.

There's nothing like a racket here. The list of certification agencies goes from KPMG at top end to smaller companies.



4k is not expensive in enterprise terms, but in small bootstrapped startup terms it is absolutely expensive.


And the issue is the other corporations may likely follow, so you have to stack hefty audit sum every year for multiple monopolistic cloud vendors because you made some cheap documents scanner app with convenient storage options for your user.


They're partners, not just agencies you independently get to choose, right? That's what I'm getting at with the racket part.

You don't get to interop with one of the biggest cloud providers in the world unless you complete commercial audits with one of their partners.

Given the kind of collusion Google's shown itself capable of [1] do you really think this is all fair?

[1] https://en.wikipedia.org/wiki/High-Tech_Employee_Antitrust_L...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: