Stack Health Check

An honest, fixed-price read on the software you already run

You have software your business depends on, and only a rough idea of what state it is actually in. Whether it is secure, whether it would survive the one developer who understands it leaving, whether the slowness people complain about is a quick fix or a deep problem: usually the honest answer is that nobody is sure, and that uncertainty is its own risk.

The Stack Health Check is a fixed-price software audit that replaces the uncertainty with a written, prioritised answer. For a fixed fee, agreed before we start, we go through your application the way a careful new lead developer would, and tell you plainly what is fine, what is risky, and what to fix first, with a cost against each item. If the report does not give you something useful to act on, you pay nothing.


What we look at

Four areas, because trouble usually hides in a different one than the symptom suggests. Slowness can turn out to be a security problem; a security hole can turn out to be a code-quality problem.

Security

Known vulnerabilities in the framework and dependencies, exposed secrets, weak authentication, and the obvious doors left open. We run the dependency audits and check the things attackers check.

Performance

Where the application is slow and why: database queries, missing indexes, work that should be running in the background. We separate the quick wins from the structural problems.

Code quality and maintainability

How hard the system is to change safely: test coverage, structure, documentation, and how far behind its framework version it has drifted. This is what decides the cost of every future change.

Key-person and operational risk

What happens if the one person who understands this leaves. Where it is hosted, how it is deployed, whether there are backups, and whether any of it is written down.


What you get

A written report you own, built to be read by a decision-maker, not just a developer. One person can take it in and act on it without convening a technical committee.

  • A plain-English findings report What we found, what it means, and what it puts at risk, written so a non-technical owner can follow it.
  • A red, amber, green risk matrix Every finding rated by severity and urgency, so the picture is clear at a glance and nothing important hides in the detail.
  • A prioritised, costed fix-list What to fix first, what can wait, and a realistic cost and effort against each, so you can plan and budget rather than guess.

Money back if it is not useful

An audit you cannot act on is worthless, so we carry that risk rather than you.

Our guarantee. If the report does not give you at least a few clear, worthwhile things to act on, tell us and we refund the fee. The findings are still yours to keep.


How it works

Light on your time. We need access and a short conversation, and we do the rest.

1

You give us read access

To the code and, ideally, a look at where it runs. A short call to tell us what the system does and what worries you about it.

2

We review it properly

We go through the code, the dependencies, the database, and the setup, running the same checks we would run before taking responsibility for a system.

3

We write it up

Findings, risk matrix, and a costed fix-list, in language you can act on and share with your team.

4

We walk you through it

A call to talk through what it means and answer your questions. No obligation to do anything further with us.


Who it is for

The Stack Health Check suits anyone holding software they cannot fully see inside.

You inherited a system and do not know its state. A build from a previous developer or agency that is now your responsibility.
The developer who built it has gone. You need to know how exposed that leaves you before something forces the issue.
You are about to buy or invest in a business. The software is part of what you are paying for, and you want a clear-eyed read on it first.
You are deciding whether to mend or replace. An honest assessment tells you whether the system is worth keeping before you commit either way.
You have no system yet, only an idea. Then there is nothing to audit. Start with a Build Roadmap instead.

Where it leads

The Stack Health Check is a diagnostic, not a commitment. Where it leads depends on what we find. A system in good shape might just need an ongoing support plan. One with a departed developer often leads to a takeover. An ageing system that is worth keeping points towards modernisation in slices, and one that has genuinely reached the end of its life points at the Build Roadmap, which scopes and prices the replacement. Sometimes the honest answer is that it is fine and you can stop worrying about it, which is worth the fee on its own.


Find out what state your software is really in

Tell us what you are running and what worries you. If a Stack Health Check is the right step, we will book it in. The first conversation is free and takes about thirty minutes. Read more about what working with us looks like, or get in touch directly.

Book a call →
Graphic Swish