š The audit process starts with a brief meetingāaka the Kick-off Callā all
š Our auditors will then begin a detailed analysis of your codebase. They may reach out with batched questions and will provide regular updates based on your communication preferences. If youād like, we can also immediately notify you of any significant issues (high, critical) we find rather than waiting to share them in the preliminary report.
<aside> š Prepare to respond promptly to our team during the audit. We work hard to thoroughly vet any questions we have before presenting them to you, and your replies will help us conduct the most effective audit possible.
</aside>
<aside> ā¹ļø We also encourage you to ask questions, clarify possible ambiguities, and schedule calls with us as needed throughout the audit.
</aside>
<aside> ā¹ļø We often create a āLive Reportā for longer audits where we report important issues as we find them. You can work on issues fixes as we report them, but we only review fixes after issuing the preliminary report with another code freeze commit hash.
</aside>
š¢ Please inform us immediately if you must change your code after the audit starts. Since we will be auditing the specific commit hash you provided at the start of the audit, we will not be aware of any new changes made after this point. Changes after the audit starts can be a significant security concern since they could introduce new issues within the scope of the audit, but we would not know to review the the changed code.
<aside> ā¼ļø We will do our best to accommodate your needs within the scheduled audit with. However, changes that significantly impact the scope of the audit may require additional audit time and increase the final price.
</aside>