Consensys Diligence is a smart contract security team focused on the Ethereum and Web3 ecosystem. The source text states that it has been protecting Ethereum smart contracts since 2017. It is not a traditional cybersecurity product such as a firewall, EDR, or WAF. Instead, it centers on expert-led manual audits, supplemented by AI agents, Chonky automated scanning, Fuzzing-as-a-Service, and incident response planning. Its target customers are mainly protocols, DeFi teams, on-chain infrastructure projects, MetaMask Snaps developers, and zk systems teams.
Its security coverage focuses on smart contract audits, pre-audit security assessments, continuous agentic scanning, coverage-guided fuzz testing, SNAP Security Review, zkVM/zk Systems, and compiler testing. In terms of deployment, audits are delivered on a project basis; Diligence Fuzzing is offered as FaaS and already supports Foundry projects; Continuous Agentic Scans can be customized and integrated into a team’s workflow. The source text emphasizes that expert auditors remain the key to quality: AI agents are used to identify known vulnerabilities and improve efficiency, while complex attack paths are still discovered and validated by senior specialists.
Pricing transparency is average. The official website only shows “Request Audit” and does not provide audit price ranges. The Fuzzing service mentions updated pricing, including a free plan and more paid subscription options, but does not disclose specific prices, billing metrics, or payment methods. On compliance, the source text says Consensys Diligence participates in the EEA EthTrust Security Levels Specification, but it does not state that the team itself has obtained any certification. Therefore, it should not be regarded as having a compliance certificate.
Its strengths are strong vertical depth and coverage of difficult scenarios such as Solidity, Foundry, MetaMask Snaps, zkVM, zk circuits, and compilers. It also has a track record of tools such as Mythril, Scribble, and Solidity Visual Auditor, as well as case references from projects such as Lido and Linea. Its drawbacks are that the service scope is relatively narrow and not suitable for traditional enterprise infrastructure protection. Audit and subscription pricing, SLA, support channels, and alerting mechanisms are not sufficiently disclosed. Automated fuzz testing also cannot replace a full manual audit and broader security governance.
It is suitable for DeFi protocols preparing to launch or upgrade, Ethereum infrastructure projects, on-chain financial applications, Foundry/Solidity development teams, and zk projects that need continuous testing. The source text does not specify access conditions from China, so network connectivity, payment methods, and contract procedures are all unknown. If local alternatives are needed, SlowMist and Beosin may be considered. International alternatives include Trail of Bits, OpenZeppelin, Spearbit, Certora, Quantstamp, Code4rena, and Immunefi.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site, diligence.security.
diligence.security is a United States cybersecurity provider. TG4G tracks its product information, an overall rating of 8.0/10, and a China-accessibility score of "Workable".