Skip to main content

Complete Package

$5,9993–5 days turnaround

Full security audit plus codebase health.

Requires codebase access (git repository or file transfer)

Compare all tiersor talk to us first

What's included

Full security audit

Everything in the Full Audit — external testing, live exploitation, source code review, credential audit, and compliance readiness. The complete security picture.

Codebase health assessment

A separate engineering review: tech stack with EOL status, code quality metrics, architecture assessment, test coverage audit, dependency audit with CVEs, database schema health.

Modernisation roadmap

2–3 options (incremental improvement, partial rewrite, full rebuild) with estimated cost ranges and timelines. Prioritised roadmap: immediate, short-term, medium-term, long-term.

Two reports, one engagement

Security report (25–50 pages) plus Codebase Health report (15–30 pages). Both delivered together.

Full feature list

  • Everything in Full Audit
  • Codebase Health Assessment included
  • Tech stack & dependency analysis
  • Architecture review
  • Modernisation roadmap
  • Both reports (40–75 pages total)
  • Save $499 vs buying separately

Built your app with AI? Cursor, Copilot, v0, Bolt, Lovable, Replit — we have a dedicated assessment for AI-built apps.

Security for AI-built apps

How we test

The Complete Package includes 8 methodology phases. Each phase follows the OWASP Testing Guide.

1

External Surface Analysis

URL discovery, sensitive files, authentication testing, security headers, SSL/TLS, server disclosure, CORS, API endpoint discovery.

2

Source Code Review

Hardcoded credentials, SQL injection patterns, authentication and session management, authorisation, XSS, CSRF, file upload security, command injection, dependency audit.

3

Live Exploitation

Read-only live testing proving vulnerabilities with real data. SQL injection, authentication bypass, IDOR, API parameter tampering, attack chain construction.

4

PII Enumeration

Customer records, employee records, payment data, data freshness, record counts.

5

Credential Audit

Every secret collected and classified. Credential reuse, password quality, rotation recommendations.

6

File & Document Exposure

Directory listings, CSV/Excel exports, PDFs, images, scanned documents, backup files, log files.

7

Compliance Readiness

CCPA, GDPR, PCI DSS gap analysis with statutory damages context.

8

Codebase Health

Tech stack identification, code quality metrics, architecture assessment, database health, build pipeline, modernisation options with cost ranges.

See the full 8-phase methodology

The report

40–75 pages. Plain English. Written so your CEO can read it.

  • Complete security report (25–50 pages) — everything in Full Audit
  • Codebase Health report (15–30 pages) as a separate deliverable
  • Executive summary with overall health rating (1–10)
  • Technology stack with EOL status for every dependency
  • Architecture assessment and test coverage audit
  • 2–3 modernisation options with cost ranges and timelines
  • Prioritised roadmap (immediate / short / medium / long-term)
See a sample report

How this compares

Buying the Full Audit ($3,999) and Codebase Health Assessment ($2,499) separately costs $6,498. The Complete Package saves you $499 and delivers both in a single engagement.

Have a question?

Ask anything about the service — pricing, methodology, report format, or which tier is right for you.

Try one of these, or ask anything about the service:

Hit Enter to send

Ready to start?

Complete Package$5,999. 3–5 days turnaround. Buy online, we start within 24 hours.

Compare all tiers

or talk to us first