Anatomy of a Spearbit Review

In the spirit of transparency, we will be dissecting the anatomy of a Spearbit review from beginning to end in order to assist in the standardization of a codified process for web3 security reviews.

To Our Community

Spearbit’s methodology for performing reviews has delivered consistent industry-leading quality of results at scale for web3 security reviews. As a result, the intention of this outline is to provide web3 security researchers and firms alike with a strong and standardized methodology for success in the coordination of engagements.

To Our Clients

This breakdown serves to inspire confidence in the depth of the Spearbit review process and to provide insights into how to best prepare for your own Spearbit review in order to maximize the benefit to your project.
During the review process it's crucial for all parties to be aware of requirements, next steps, and the current status of the engagement to prevent scope creep or misalignments on objectives.

Engagement Flow

Below is an overview of the Spearbit engagement lifecycle:
  1. 1.
    Form Submission
  2. 2.
    Scoping and Information Gathering
  3. 3.
    Communication Channels and Access
  4. 4.
    SOW & Rates
  5. 5.
  6. 6.
    Security Review Period
  7. 7.
    Close-out Call and Walkthrough
  8. 8.
  9. 9.
    Final Report Delivery