Secure Code Review
"The Applications Division at Microsoft experiences about 10–20 defects per 1000 lines of code during in-house testing and 0.5 defects per 1000 lines of code in released product..."
- Attrib. Moore, 1992 from 'Code Complete' by Steve McConnell
Code reviews provide added granular assurance for your applications and are a great way to identify hard to spot security and design flaws which are not visible during traditional penetration testing where the consultant does not have access to the codebase. Vulnerabilities may also be introduced simply due to the nature of delivery, developers working within time constraints may feel pressured to 'just get it pushed' and critical solutions may find themselved underengineered.
Our security consultants can review your source code and configurations, and identify any potential vulnerabilities. They will produce proof of concepts (PoC) to demonstrate the issue and allow for your development team to test, reproduce and correct these issues.
These consultants can also be integrated with developers at a tactical level, providing feedback by peer review and catching issues before they hit your main branch providing a far more 'agile' approach to testing than traditional solutions.
What we can offer:
Whatever the task, agile and fast moving, monolithic and still fast moving, we have a solution to enable your business stay productive and secure whilst remaining within budget.