Source Code Review Engagements

Source Code Review Engagements

Critical to your cyber security posture are your in-house developed applications and their source code. Code review engagements involve consultants reviewing source code for common coding vulnerabilities and general security best practices. Engagements require the client to typically provide the consultant with:

  • background information on the purpose of the code
  • code architecture / structure review
  • an explanation of the code execution flow

 

Our Approach:

Once received, MNP’s consultant proceeds to statically review the code manually (with automated and manual methods) for security best practices. Our analysis will incorporate Open Web Application Project OWASP Top 10 critical application flaws.

MNP’s consultant will create a report that details:

  • issues discovered in the source code
  • the reason the vulnerabilities occur
  • how the vulnerabilities may be exploited
  • high level recommendations as to how the identifies vulnerabilities can be remediated

 

Are you confident your in-house developed applications are secure?

Fieldset

 

Verification