Software testing & QA

We test the software you bought from someone else. Or the one you're about to buy.

Independent QA, pre-acquisition tech audits, and HIPAA security reviews. We find what breaks before your patients or customers do.

What we test

Six engagements we take on.

You're about to pay for a software company. We spend a week with the codebase and tell you what you're actually buying: debt, security gaps, and all.

We test your healthcare software against the HIPAA Security Rule technical safeguards. You get a written report your compliance officer can act on.

New release broke something? We build and run a test suite so your team catches it before your users do.

We test the surface area between your systems: EHR integrations, payment processors, third-party APIs.

How does your app behave at 3x normal traffic? We find the ceiling before launch, not after.

Running an AI feature? We test it for prompt injection, data exfiltration, and output manipulation. See also: honeypot-med.

Deliverables

Written report with severity-scored findings

Reproduction steps for every issue

Prioritized remediation checklist

Executive summary for non-technical stakeholders

Re-test after fixes at no extra charge

Final sign-off document for compliance purposes

Investment

Security review

$2,500 to $5,000

HIPAA, AI security, or general web app. Scoped after a 30-min discovery call.

Pre-acquisition audit

$5,000 to $12,000

Full codebase, infra, and security review. One week of access to the target system.

Ongoing QA retainer

$1,500+/mo

We run regression tests on every release. You never ship blind.