Audits are really expensive, but you already knew that? Yet you still do nothing to minimize the cost of your audits... You're throwing money at the problem and hoping it'll magically solve everything...

A lot of elite teams do a simple trick that saves them thousands, and it's called "internal reviews". This is when the developers audit their own code. This is not them casually looking around for anything interesting during development - this is a dedicated, structured process they schedule.

Here is how they do it: Before the actual audit, set a reasonable time frame (50% of what the auditors quote you for, as the devs already know the code). During that time, only review the code: don't add new logic, don't add new mechanics, only focus on security and reducing complexity/unnecessary code.

This might seem trivial, but it will actually save you a ton, especially if your code is littered with bugs.

Here are the benefits:

1. Your reports will look better, as they will have fewer bugs
2. You will catch most simple bugs, allowing auditors to focus on the more complex parts
3. Audits will be faster as there will be fewer fixes, allowing you to launch sooner
4. You may only need 1 audit, whereas without this prep you might need multiple