Pricing
Straightforward pricing for serious coverage
No mystery SKUs. Pick the engagement that matches how you ship. We’ll confirm scope before kickoff based on complexity and environments.
Final quotes may vary with app complexity, number of environments, and compliance needs. We always align on scope and timeline before work begins.
Single Audit
One deep pass before launch, a big release, investor demos, or store submission.
Starting at
- Scoped review of web, mobile, and/or API surfaces
- Prioritized findings with clear severity
- Practical fix guidance your team can act on
- Executive-friendly summary for stakeholders
Monthly Subscription
Continuous testing for teams that ship weekly and need steady coverage.
Starting at
- Rolling reviews as you merge and release
- Faster feedback on new features and changes
- Slack-style async updates (format agreed in scope)
- Discounted follow-up checks on critical fixes
SOC 2 Prep Assistance
Structured prep to surface gaps and tighten posture before formal audit.
Starting at
- Control mapping and evidence readiness guidance
- Security review aligned to common SOC 2 themes
- Risk-ranked gap list, not a substitute for certification
- Workshops with your eng and GTM leads as needed
Pricing FAQ
Clear answers on how we work with startups and technical teams.
We review websites, web apps, iOS and Android apps, and the backend APIs and infrastructure that power them. If you’re unsure, send your stack on the contact form and we’ll confirm fit.
Yes. Client-side issues matter, but most critical risks live in APIs, auth flows, and cloud configuration. We trace features end-to-end so nothing important sits in a blind spot.
It’s a request to start a conversation. We’ll follow up with clarifying questions and a proposed scope. No automated scheduling yet.
After we align on scope, you’ll get a written quote with deliverables and timeline. Invoices are usually milestone- or phase-based for larger work, or a single fee for focused audits. We can walk through options on a short call.
They’re starting points. Final fees depend on app complexity, number of environments, and compliance goals. We never bill surprise scope: you approve the plan before work begins, as noted in the disclaimer above the tiers.
Absolutely. We prioritize fixes, explain tradeoffs, and can re-test critical items. Subscription clients get ongoing support as code changes.
No. SOC 2 Prep Assistance helps you identify gaps, tighten controls, and get organized before you engage a licensed CPA firm for the actual audit. We do not issue SOC 2 reports. See our SOC 2 page for how prep fits alongside a formal audit.