A Secure Code Review involves analysis of the application source code to identify potential security vulnerabilities. A secure code review is generally recommended for high profile and mission critical applications processing sensitive and confidential information. This can be the single most effective technique to identify implementation bugs when used in combination with automated scanning and manual penetration testing techniques. This is also known as “White Box” security testing since the security team has full knowledge of the application and its source code.
AppSecure Labs’ detailed source code review methodology can be utilised to perform targeted source code reviews within critical areas of the application, by utilising a combination of industry-leading open source and commercial source code analysis tools and manual inspection techniques in order to provide comprehensive coverage and to reduce false positives. AppSecure Labs offers a source code review service for most common programming languages for web and mobile platforms.