Source Code Review
GDS Source Code Review assessments uncover security vulnerabilities and their development root causes in the source code of mission-critical business applications.
The GDS methodology combines manual code review techniques, proprietary application security directives (ASDs), and the use of premier proprietary and commercial source code analysis tools in a consistent and repeatable process.
The full-disclosure of source code and design documents allows for the quick identification of common application security vulnerabilities. GDS engineers then focus on identifying the more obscure and high risk vulnerabilities unique to the targeted application and its business logic.
GDS delivers a detailed and comprehensive report at the conclusion of each security assessment. All GDS reports are highly customizable depending on requested reporting requirements and typically include an executive summary, detailed technical findings and recommendations, and illustrative walkthroughs of all exploitation steps performed.
At the end of each Source Code Review assessment, GDS can offer the following related services:
- Regression testing of all items identified during the assessment
- Vulnerability Remediation Assistance and Project Management
- Custom Secure Application Development Training