Our Customized Plans

Vulnerability scanning that builds true defence in depth.

Sample Code Review Tasks Schedule

 
Sample Schedule Based on a 250k LoC PHP Application
| Services Unlocked | Number of Packages Required |
| --- | --- |
| Level 1: Threat Assessment and Code Review for Injection Attacks | 3 |
| Level 2: Code Review for Authentication and Session Management Issues as well as Cross-site Scripting | 5 |
| Level 3: Code Review for Insecure Direct Object Reference and Security Misconfiguration | 7 |
| Level 4: Code Review for the Rest of OWASP’s Top 10 | 10 |
| Level 5: One Round of Retest to Ensure Proper Vulnerability Remediation | 12 |

Contact us to inquire about specific applications.

Frequent Questions & Answers

1. Do you only do this for open-source software?
Currently, this service is only provided for open-source software.
2. What payment methods do you accept?
We accept all credit cards. We also accept signed purchase orders.
3. How can I monitor the level of contribution to my open-source project?
Once you sign up, you will receive an invitation to SecurifyFund. This is where you can monitor the level of contribution to each project, as well as the services every project is currently eligible for.
4. Why do I need this if I have vulnerability scanning taken care of?
Your current vulnerability scanning, whether through a provider or through an internal team, does not provide in-depth code analysis (security code review) for the open-source project you use.
1. Who's responsible for fixing the issues SecurifyLabs finds on my site?
For server-related issues, we will send you detailed instructions on how to fix the issues. For code-related issues, we will work with the open-source developers to fix these issues.
2. We are already doing this internally, including vulnerability scanning and code review. Why do I need SecurifyLabs?
Because you would be paying too much to perform both internally, based on the average salary of a security engineer. On average, our enterprise package will be 20% cheaper compared to your internal team.
3. What kind of contract do I get with SecurifyLabs?
A service level agreement (SLA) for subscribing to our vulnerability scanning SaaS platform. The agreement will include the services listed in the plan you chose.