This process begins with detailed scanning and research into the application environment, with the performance of automated testing for known vulnerabilities and manual analysis.
Once the target has been fully enumerated, Esecurity Audit Labs uses both static code vulnerability scanning tools and manual analysis to identify security flaws.During this stage, we rebuild the provided code for assessment in integrated development platform and start decompiling the application sources to check vulnerabilities.
The vulnerability detection process includes:
1-Data flow analysis
2-Taint analysis
3-Lexical analysis
Once the engagement is complete, Esecurity Labs delivers a detailed analysis and threat report, including remediation steps along with adequate filled in reference fields.
Esecurity Labs provides remediation retesting for all vulnerabilities listed in the report. At the conclusion of the remediation testing and request of the client, Esecurity Labs will update the report with a new risk level determination and mark which vulnerabilities in the report were in fact remediated to warrant a new risk level.
© 2020 www.esecurityaudit.com. All rights reserved | Privacy Policy