Comment on page
🔱
Anatomy of a Spearbit Review
In the spirit of transparency, we will be dissecting the anatomy of a Spearbit review from beginning to end in order to assist in the standardization of a codified process for web3 security reviews.
Spearbit’s methodology for performing reviews has delivered consistent industry-leading quality of results at scale for web3 security reviews. As a result, the intention of this outline is to provide web3 security researchers and firms alike with a strong and standardized methodology for success in the coordination of engagements.
This breakdown serves to inspire confidence in the depth of the Spearbit review process and to provide insights into how to best prepare for your own Spearbit review in order to maximize the benefit to your project.
During the review process it's crucial for all parties to be aware of requirements, next steps, and the current status of the engagement to prevent scope creep or misalignments on objectives.
Below is an overview of the Spearbit engagement lifecycle:
- 1.Form Submission
- 2.Scoping and Information Gathering
- 3.Communication Channels and Access
- 4.SOW & Rates
- 5.Kickoff
- 6.Security Review Period
- 7.Close-out Call and Walkthrough
- 8.Fix-Period
- 9.Final Report Delivery