Guardian offers two pricing options: Flat-cost or Pay-per-vulnerability (PPV).
Flat-cost: a flat cost, paid 50% up front and 50% upon the main review phase end date.
$$ quote = WEEKS \cdot \$35,000 $$
<aside> 💡
The flat cost rate is not an engineering weeks rate, but rather an all-included rate for the engagement. One engagement week typically encompasses ~4 engineering weeks.
</aside>
Pay-per-vulnerability: a flat cost paid up front, plus PPV rates charged upon the main review phase end date.
$$ quote = WEEKS \cdot \$17,500 \ + \ ppv(C,H,M) $$
There is a cap on the total cost from the PPV model:
$$ \min(quote, \ WEEKS \cdot \$35,000) $$
<aside> 💡 The Pay-per-vulnerability rate is doubled for each previous review that has been conducted on the codebase.
</aside>
<aside> 💡 In most cases, 1 engagement week will cover 800-1,000 normalized SLOC as measured by this script.
This rate varies depending on the scope and complexity of an engagement.
</aside>