CODE REVIEW


WE PUT YOUR CODE UNDER THE MICROSCOPE

Are you wondering if your application is secure? We point out potential security vulnerabilities in your source code. Most security problems are caused by critical vulnerabilities in applications. Code reviews identify security gaps in the source code, thus minimizing potential risks.

A code review is something you should seriously consider, especially for security-relevant applications that provide access to sensitive data. The result of this code review is a report that we send you. It lists the vulnerabilities found in the source code according to their criticality and gives detailed suggestions on how to eliminate them. That way you create more security. Right from the start.

OUR PROCEDURES

Depending on the kind of application, we use static or manual analysis methods. In doing so, we either look at a section or at your complete application. We check compliance with recognized secure coding guidelines and best practices. Our methods support PHP, Java, C/C++, Bash, Perl, SQL, JavaScript and Python.

In static analysis, automated tools are used to identify vulnerabilities. The source code of the application is checked without running it. We send you the results in the form of a report generated by the analysis tool.

OUR RECOMMENDATIONS FOR YOU

A complete code review includes both the static and the manual analysis. Having an expert check the results is indispensable for a real assessment. We test specifically for errors in the application and business logic by focusing on typical vulnerabilities such as injection, directory traversal, buffer overflow, privilege escalation, etc. Furthermore, we analyze the cryptographic methods used and check the exception handling. This comprehensive testing also enables us to detect errors in the use of control structures.