Source Code Reviews

Source code is a developer’s interpretation of a business process or function, but it is not immune to errors that affect the security of the application. 

Where defence in depth is required, the source code itself needs to be analysed to provide greater security assurance than can be achieved from an application penetration test.

What can you gain from a source code review by Perspective Risk?

  • Lower code development costs by introducing security requirements and controls at an early stage
  • Greater confidence in the security of your application than can be achieved by an application penetration test
  • Preserving your brand and reputation by removing vulnerabilities in your code and reducing the risk of exploitation
  • Better protection for your customers, employees and stakeholders

What does a source code review involve?

  • You will work with an expert consultant supported by industry-leading tools, who will take the time to understand and meet your specific business requirements.
  • Analysis of source code to assess the code’s adherence to industry-standard practices with regard to:
    • Bounds checking
    • Memory allocation
    • Insecure library functions
    • Documentation
    • Code maintainability and performance
    • Checking for common application vulnerabilities relating to:
      • Input validation
      • Error handling
      • Session management
      • Authentication and more
  • Depending on your requirements, we carry out static and dynamic analysis of your source code to ensure a thorough review
  • A full report detailing any non-conformances or vulnerabilities in your application’s source code and prioritising them in order of magnitude of risk to your business
  • Comprehensive remedial advice for every identified issue

Why choose Perspective Review for a source code review?

  • You receive a bespoke service according to the needs of your business, not a generic assessment
  • You receive a prioritised report based on key coding issues including any trends in the development approach
  • You work with expert consultants who are well versed in reviewing code in multiple languages
  • We cover all major languages including C, C++, C#, Java, Ruby, PHP, Python, Perl

Want to know more or book your source code review now? Get in touch today.