Hi,
I am a seasoned senior Information Security Consultant with several years of experience in such gap analyses, both on cloud or traditional applications and services, in heavily regulated domains such as health and bank/finance.
In such missions, I generally provide a short report summary presenting the global security standing of the product/service, and a fully actionable list giving details of the gaps and proposing actions to solve them, aligned with standards and best practices (CSA, NIST, CIS, ANSSI, ISO27K, ...).
The price I set is of course negotiable, depending on the number and type/complexity of the SaaS applications you have to assess, and specific regulations you have to meet in your domain/business.
Feel free to contact me to discuss about your project so I can adapt my bid accordingly.
Kind regards,
JC Praud