We are evaluating vulnerability assessment consultants and I need to find documentation from a third party that at least lists the major players (foundstone, integralis, @stake etc) in the industry. Ideally, there would be a ranking of firms. The info I need is for professional services, not vulnerability software scanners. I have searched all over for this information (including gartner, forrester etc) and to my surprise and frustration I can't find anything to show the CIO. If anyone has this information, or can point me in the right direction I would really appreciate it.
Thanks