PRTOTYPE.COM · Production studioAudit · Build · Maintain
PRoTOTYPE.COM
Before you commission one

What the report actually looks like.

We can’t show you someone else’s findings: a real audit is specific to the codebase we read. What we can show you is the shape: the sections, the severity ratings, and the module-by-module specification format every $7,500 audit produces.

Request the sample report
The report, section by section

Six sections, one document.

01
Executive summary

One page. The honest distance to production, in plain language, before the detail.

01
02
Security findings

Authentication, exposed keys, and data handled without a defensible reason, each rated by severity, not just listed.

02
03
Data model review

What's held, where it lives, and whether it should be. Concurrency and access-control risks called out by name.

03
04
Infrastructure review

What breaks under real load, and roughly when: staging, backups, rollback path, deploy process.

04
05
Compliance pass

Sector-appropriate: data residency, retention, and processor disclosures where they apply.

05
06
Module-by-module specification

Every fix as its own module: acceptance criteria, dependencies, and a fixed price. This is the part you can hand to any developer.

06
Why not just publish one

A redacted real report is the honest next step here, once a client agrees to let us share one. Until then, publishing invented findings would be exactly the kind of unverifiable claim we’d fault a competitor for. Email us and we’ll walk you through an anonymised example directly, or point you to the Angkor Now case study for a sense of how we write things up.

Or skip straight to it

$7,500 fixed. One week.

Your own report, not a sample, with your own findings and your own module-priced spec.

One weekFixed upfront
See the full audit service