Security Code Review
Application source code security reviews are necessary not only because of the significant operational risk posed by vulnerable software, but also because they are mandated by the regulations and policies that govern data privacy, integrity, and good corporate governance. Regulations such as PCI are driving application security and, more specifically, source code analysis activities to the forefront of business requirements and best practices.
AlexSys application source code security review services are tailored to meet each client's security and budget requirements. Services include:
Experience with many languages and frameworks
- ASP.NET, VB.NET, C#, Classic ASP
- JavaScript
- C/C++
Review of application code behaviour in unexpected/uncommon situations
- Input validation
- Parameter manipulation
- Output encoding
- Unsafe failure analysis, verbose error messages
- Effective logging and auditing
Review of application code behavior in normal situations
- Control flow analysis
- Authentication mechanism effectiveness
- Authorisation and access control granularity
- Analysis of auditing techniques for non-repudiation
- Information disclosure
- Detection of vulnerable functions and procedures
For more information please do not hesitate to contact the AlexSys team on 01761 241695 or email enquiries@alexsys.co.uk.