Automated tools are applied in static analysis methods to identify vulnerabilities. The source code of the application is checked without running it. We send you the results in the form of a report generated by the analysis tool.
OUR RECOMMENDATIONS FOR YOU
A complete code review includes both the static and the manual analysis. Checking of the results by an expert is indispensable to be able to provide a real assessment. We test specifically for errors in the application and business logic by focusing on typical vulnerabilities such as injection, directory traversal, buffer overflow, privilege escalation, etc. Furthermore, we analyze the cryptographic methods used and check the exception handling. This comprehensive testing also enables us to detect errors in the application of control structures.