SOURCE CODE REVIEW & ANALYSIS

Build resilient applications

 

PUT SECURITY AT THE HEART OF YOUR PROJECT


•   Identify potential vulnerabilities
•   Achieve a deep insight into application security
•   Gain a static perspective
•   Receive reports detailing issues with remediation guidance

STRENGTH IN THE SOURCE CODE


Source code review and analysis is a service that takes a deep look inside the codebase of your application. It is intended as a complement to the Web Application service offering and looks at the application from a static perspective, in contrast to the dynamic approach that penetration testing offers.

WHY A SOURCE CODE REVIEW?


Foregenix’ Source Code Review & Analysis examines application source code to identify vulnerabilities resulting from the use of insecure libraries or application logic which does not adequately consider security requirements. The Source Code Review & Analysis is the most effective mechanism to achieve a deep and efficient insight into existing or potential application vulnerabilities.

REMOVE ALL LIMITATIONS


We recommend this service in cases where the application is too big or complex to be covered by standard penetration testing in a timely and thorough manner.

A web application penetration test is a dynamic exercise that is executed based on the snapshot of functionality and data assigned to the accounts provided to our analysts. It is also limited by them: if access to a piece of functionality depends on a set of data that the sample application user lacks, the analyst will be blind to that functionality and it will remain untested.

Source code review takes away this limitation since it looks at the application at the code level, hence providing access to all code paths.

To perform this service, we require access to all application source code and related libraries to ensure there are no blind spots. The source code is subsequently analysed for security vulnerabilities.

The final deliverable of the Source Code Review & Analysis service offering is a report detailing all the security vulnerabilities that were identified during the inspection of the source code.

WHAT CAN WE DO TO HELP YOU?


1. Review and improve your Software Development Life Cycle to build security as part of your application’s DNA.

2. Identify and prioritise weaknesses in code that are critical to your use cases in a cost-effective manner.

3. Help your organisation retain the knowledge. Identify skill gaps and provide education to your development team.

WANT TO KNOW MORE?
Talk to our team

Book a chat or call us using the numbers below.

UK (HQ): +44 846 309 6232
North America: +1 (877) 418-4774
Europe: +49 6131 2188747
LATAM: +549 342 421 6688
APAC: +61 420 904 914
MEA: +27 860 444 461