Add additional penetration testing info

[GlitchWitch]

It was discussed to potentially add the following information to the pentration testing vendor table:

• Testing Methodologies (some short list, maybe 2-3 points)
• Re-testing is definitely a thing, and the associated pricing
• relevant contract lifetimes

As requested in the mentioned discussion, this issue was created to discuss this further and consolidate some of this information.

I've done my best to compile a list of the first two points based on public information. This list is not authoritative and I encourage others to add to or modify it.

Company	Testing Methodologies	Retesting Timeframe	Retesting Cost
Cobalt	OWASP ASVS, OSSTMM	6-12 Months	Free
Doyensec	TBD	TBD	TBD
GlitchSecure	OWASP ASVS	12 Months	Free
Kobalt	OWASP ASVS	TBD	20% of cost
Rapid7	OWASP ASVS, OSSTMM, PTES	TBD	TBD

Sources:

• https://docs.cobalt.io/methodologies/web-methodologies/
• https://www.cobalt.io/pentest-pricing
• https://glitchsecure.com/pentest/
• https://glitchsecure.com/pricing/
• https://youtu.be/HUiUd356r3Q?t=224
• https://kobalt.io/pentest/
• https://www.rapid7.com/services/security-consulting/penetration-testing-services/

[wparad]

I don't know if what I did was the best way to represent these, but this info has been included in the pen testers section:

Thanks for doing this legwork.