What we do. What you get. What it costs.
Every engagement is fixed scope, fully documented, and priced so a mid-market IT Director can approve it without a three-level sign-off.
Four services that compound. Begin with visibility, then stabilize, then operate, then insure. Each one stands alone.
Pricing summary
| Service | Price | Model | Minimum |
|---|---|---|---|
| Forensic Investigation | $6,500 | Fixed fee | Single engagement |
| Stabilization | $175/hr or $7,500/sprint | T&M or sprint | Single issue |
| Application Support — Tier 1 | $2,500/month | Monthly retainer | 3 months |
| Application Support — Tier 2 | $4,000/month | Monthly retainer | 3 months |
| Operational Insurance | $4,800/year | Annual program | 1 year |
Engagement bundles
| Bundle | Includes | Price | Saving |
|---|---|---|---|
| Visibility Bundle | Forensic Investigation + Operational Insurance year 1 | $10,000 | $1,300 |
| Support Onramp | Forensic Investigation + Tier 1 for 3 months | $12,500 | $1,500 |
Stack coverage
Our methodology applies to any web application regardless of stack. PHP, Python, Ruby, Node.js, .NET, Java. MariaDB, MySQL, PostgreSQL, MSSQL.
Forensic Investigation
$6,500 · Fixed fee
A fixed-scope engagement that produces an evidence-grade picture of your system: environment, architecture, every material issue, and a prioritized remediation plan.
- The developer who built the system is gone.
- You are evaluating a costly migration or rewrite.
- You inherited a system through acquisition or restructure.
- Production behavior has drifted from documentation.
- You need a defensible third-party assessment before a board decision.
- Input Artifact Receipt
- Forensic Environment Report
- Architecture Map
- Issue Catalog
- Remediation Plan
- Executive Summary
- No production changes are made during the investigation.
- Code remediation is not included; it is scoped in the Remediation Plan.
- Third-party SaaS audits are out of scope unless contracted separately.
- 50% on start: $3,250.
- 50% on delivery of Issue Catalog: $3,250.
- Deliverables 5 and 6 are released after the second payment.
Operations and technology leaders who need an honest, evidence-grade picture of a critical system before deciding what to do with it.
Stabilization
$175/hr or $7,500/sprint · T&M or sprint
Sprint-based remediation against a verified Issue Catalog. Each issue is reproduced, fixed in isolation, UAT-signed-off, and deployed under written governance.
- Verified Issue Catalog from the Forensic Investigation, or equivalent documented backlog.
- Application owner identified and authorized to sign UAT.
- Read-only or working environment access confirmed.
- Each issue is reproduced in a controlled environment before any code is written.
- One issue per branch. No batched fixes.
- Every change is documented before it is committed.
- Full deployment of the candidate fix to staging.
- Application owner runs UAT against the documented test plan.
- Written sign-off is required to proceed.
- Backup taken immediately before deployment.
- Deployment window scheduled with the application owner.
- Smoke tests executed against the live system.
- Documentation is updated and version-controlled.
- Issue closure recorded in the Issue Catalog with evidence.
- Sprint review delivered to the application owner.
- Per-issue fix branch and commit history.
- UAT sign-off record.
- Updated documentation.
- Sprint summary report.
- We do not work without a verified Issue Catalog.
- We do not deploy without written UAT sign-off.
- We do not delete code.
- T&M billed at $175/hour, invoiced bi-weekly.
- Sprint pricing at $7,500 per 2-week sprint, billed at sprint start.
Teams that have a known backlog of issues on a business-critical system and need disciplined fix delivery rather than another rebuild proposal.
Application Support
Tier 1 $2,500/month · Tier 2 $4,000/month
A continuous engagement model for organizations that need a responsible owner for their critical application. Two tiers, both built on the same governance discipline.
Pair with a Forensic Investigation to launch with full visibility — see the Support Onramp bundle.
- Up to 8 hours of support per month.
- Email support during business hours.
- Next-business-day response on standard tickets.
- Monthly status report.
- Issue triage and documentation.
- Up to 16 hours of support per month.
- Email and scheduled call support.
- Same-business-day response on standard tickets, 4-hour response on critical incidents.
- Bi-weekly status calls.
- Quarterly governance review.
- Continuous documentation maintenance.
- Net-new feature development is scoped separately.
- Production deployments still require written UAT sign-off.
- Hours do not roll over across months.
Organizations whose critical system has no current owner, or whose internal team needs a disciplined second pair of hands with governance baked in.
Operational Insurance
$4,800/year · Annual program
A documented continuity program for your critical application. We build, maintain, and quarterly-test the playbooks that determine how quickly you recover.
Pair with a Forensic Investigation in year one — see the Visibility Bundle.
- System Continuity Charter.
- Recovery Time and Recovery Point objectives, agreed in writing.
- Backup verification report.
- Documented restore procedure.
- Incident response playbook with named owners.
- Vendor and dependency register.
- Restore drill executed and reported.
- Playbook review and update.
- Dependency and vendor change review.
- Quarterly continuity report delivered to the application owner.
- Active incident response is scoped separately under Stabilization or Support.
- Hosting, licensing, and third-party fees are not included.
Organizations whose continuity story is implicit and undocumented, and who need a defensible answer for an auditor, an insurer, or a board.