Choose Your Security Plan

Ongoing security coverage for DeFi protocols and Web3 teams — from automated smart contract scanning with human triage, to expert ZKP audits, formal verification, and active fuzzing campaigns.

Not sure which plan fits? Talk to us — free 15-min call.

Security Baseline

$499 /month

Best for: Early-stage startups and solo founders who need documented security coverage without a full audit budget

  • Weekly automated scans (Slither, static analysis, dependency checks)
  • Manual triage of all findings — false positives removed by a human
  • Smart contract code coverage (Solidity, Vyper)
  • Backend API security scanning (REST, GraphQL)
  • Web application vulnerability checks
  • Dependency & supply chain vulnerability alerts
  • CVSS-scored findings with prioritized fix recommendations
  • Monthly PDF security report (audit-ready, shareable with investors)
  • Email support (72-hour response)

Expert Review

$1,499 /month

Best for: DeFi protocols, funded Web3 startups, and teams shipping to mainnet who need real expert eyes on their code

  • Everything in Security Baseline, plus:
  • 10 hours/month hands-on expert security work:
  • → Manual smart contract audit (Solidity, Rust, Move, Cairo)
  • → DeFi-specific vector review (reentrancy, oracle manipulation, flash loans, donation attacks)
  • → Cryptographic implementation audit (SDK-level, not surface checks)
  • → Zero-Knowledge Proof (ZKP) circuit audit — constraint soundness, under-constrained signals
  • → Active fuzzing with custom harnesses (AFL++, Echidna, Foundry invariant tests)
  • → Backend API penetration testing
  • → Authentication & authorization audit
  • → Bridge & cross-chain security review
  • Bi-weekly PDF reports with full finding details
  • Patch review included — we verify your fixes
  • Priority email + scheduled video calls
  • Slack/Telegram access during working hours
  • Quarterly comprehensive assessment

Full Spectrum Security

$3,499 /month

Best for: Production DeFi protocols, pre-launch token projects, and high-TVL applications where a single bug means millions lost

  • Everything in Expert Review, plus:
  • Unlimited security work (within agreed monthly scope)
  • Formal verification & mathematical proof of critical invariants
  • → AMM pricing formulas, interest rate models, liquidation logic
  • → Custom Coq / TLA+ / Certora specs on request
  • Full ZKP audit — circuit logic, trusted setup review, proof system analysis
  • Advanced cryptography audit (signature schemes, key derivation, RNG, threshold crypto)
  • Logic audit & business logic flaw detection across entire protocol
  • Full fuzzing campaign with coverage report and corpus
  • Pre-deployment security certification (report suitable for Immunefi program setup)
  • Complete backend, API & infrastructure review
  • Weekly 1-hour security consultation call
  • Security roadmap & architecture recommendations
  • Incident response support
  • Named security analyst — direct line, no ticketing system
  • Custom PDF report format (white-label available)

Additional Services & Add-Ons

One-Time Engagements

  • Emergency audit (48-hour turnaround): $5,000
  • Immunefi bug bounty program setup: $3,500
  • Formal verification engagement: custom quote
  • ISO 27001 compliance assessment: $5,000+

Add-On Packages

  • Extra manual audit hours: $250/hour
  • Full fuzzing campaign (standalone): custom quote
  • White-label reports: +$200/month
  • Incident response retainer: +$500/month

All Plans Include

  • 14-day free trial (monitoring only)
  • 30-day money-back guarantee
  • Cancel anytime, no long-term contracts
  • Detailed security reports & documentation
  • Regular communication & updates

Frequently Asked Questions

What smart contract languages and chains do you cover?
We audit Solidity (EVM chains), Rust (Solana, ICP), Move (Sui, Aptos), Cairo (Starknet), and Motoko (ICP). We also cover the off-chain backend and API layer. For DeFi-specific vectors we check oracle manipulation, flash loans, donation attacks, reentrancy, bridge exploits, and exchange rate inflation patterns.
How do the monthly expert hours work?
The Expert Review plan includes 10 hours/month of hands-on security work you can allocate however you need — manual audit, ZKP circuit review, fuzzing, API testing, or architecture consultation. Unused hours do not roll over. Need more? Additional hours are available at $250/hour.
Can I upgrade or downgrade my plan?
Yes. Upgrades take effect immediately with prorated billing. Downgrades take effect at the start of your next billing cycle. You can also cancel anytime with no penalty.
What's included in the 14-day free trial?
The free trial covers automated scanning — Slither static analysis, dependency vulnerability checks, and a baseline report. It gives you a concrete look at findings quality before committing to a paid plan. No credit card required to start.
Do you offer custom enterprise plans?
Yes. For protocols with multiple codebases, pre-launch certification needs, or specific compliance requirements, we put together custom engagements. Email audit@bytescan.net with your project details and we'll respond within 24 hours.
How quickly can you respond to security incidents?
Security Baseline: 72-hour response. Expert Review: 24-hour response. Full Spectrum Security: same-day response with direct analyst access. For active exploits, all plans can access emergency response — contact audit@bytescan.net immediately.