Consulting
Security Audit
Web apps, mobile apps, or APIs preparing for SOC 2, an enterprise security review, or post-incident hardening.
Assumes access credentials are provisioned by end of week 1.
Scope of work
Every section is written with the failure modes in mind — the things that typically go wrong on security audit projects. Use them verbatim or edit to match how you actually deliver.
- 01 Scoping & Rules of Engagement: Define in-scope systems, explicitly list out-of-scope items (prod DB dumps, customer data access), agree on testing windows, and lock in an incident escalation contact before any testing starts.
- 02 Reconnaissance & Attack Surface Mapping: Catalog all public-facing assets (domains, subdomains, APIs, open ports), exposed technologies, and identity providers. Often uncovers forgotten staging servers.
- 03 Automated + Manual Vulnerability Assessment: OWASP Top 10 coverage via tools (Burp, Nuclei, custom scripts) plus manual testing for business-logic flaws that automation misses (auth bypass, IDOR, race conditions).
- 04 Targeted Exploitation Attempts: Authorized exploitation of discovered weaknesses to demonstrate real impact versus theoretical severity. All actions logged and reversible; data access avoided per scope.
- 05 Report, Prioritization & Remediation Support: Executive summary and technical findings with CVSS scores, reproduction steps, screenshots, and remediation guidance. Two follow-up sessions during fix implementation.
Deliverables
What the client gets at the end. Specific enough to be defendable; editable enough to match your exact delivery.
- Technical findings report (30–50 pages, per-finding detail)
- Executive summary (2-page PDF for leadership or customers)
- Remediation roadmap (prioritized by risk + effort)
- Post-fix re-verification of high and critical findings