Application Code Review
An application code review looks deeply into the internal workings of an application with a line-by-line manual review of security-sensitive processes.
This type of testing provides assurance for applications used in sensitive industries including banking, finance, government or database/transactional applications that hold personally identifiable information (PII) or other client information.
An application code review includes:
- Login registration and transactional processes
- Code error identification and exploitation
- Logic errors and backdoor identification
- Test code vulnerabilities (including code inadvertently included in release)
- Inadvertent disclosure of personal information
- Upgrades and patch vulnerabilities
- Privacy leakage testing for banking, finance and government
- Post-exploitation information gathering
A standard review takes approximately three to four days, however this depends on the number of lines within the code, functionality and the overall application size.
Department of Internal Affairs (All of Government Certified Services & Common Capability ICT): ICT-SRS Panel (CCPSA-SRS)
- Information Security Risk Management and Assessment
- Information Security Governance and Strategy
- Information Security Assurance
- Source Code and Application Review and Technical Testing
- ICT Forensics, Investigation and Security Incident Response
Get in touch for more information about how we can help.^ BACK TO TOP