Static Code Review
Source code security analysis is a security measure adopted during the implementation phase of the SDLC to detect vulnerabilities automatically: a tool mechanically examines the source code, the blueprint of the software, and picks out specific patterns in it. Because a source code security analysis tool detects problematic lines by matching patterns, it finds not only lines that can be exploited (attacked) immediately but also potential vulnerabilities: lines that could become real vulnerabilities once additional development or some triggering event calls for it.
Key Benefits
  • Early and frequent code checking
  • Code Quality Assurance
  • Secure code practices
  • Compiler optimization
Our Approach towards Static Code Review Implementation

PHASE I -Reconnaissance

This process begins with detailed scanning of and research into the application environment, combining automated testing for known vulnerabilities with manual analysis.

PHASE II -Vulnerability Detection

Once the target has been fully enumerated, Esecurity Audit Labs uses both static code vulnerability scanning tools and manual analysis to identify security flaws. During this stage, we rebuild the provided code for assessment in an integrated development environment and start decompiling the application sources to check for vulnerabilities.
The vulnerability detection process includes:
1. Data flow analysis
2. Taint analysis
3. Lexical analysis
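To make the three techniques concrete, the following is an added example written for this page; it is not Esecurity Audit Labs' tooling or code from the original text. It assumes a hypothetical, deliberately small catalogue of sources, sinks and sanitizers (`SOURCES`, `SINKS`, `SANITIZERS`) and analyses a constructed sample program (`SAMPLE`). The lexical scan matches sink names textually; the taint scan walks statements in order, tracks which variables hold attacker-influenced values (the data flow step) and reports only sinks actually reached by such values, so it removes the false positives the lexical pass produces.

```python
import ast
import re

# Hypothetical source/sink/sanitizer catalogue, constructed for this example.
# A production tool ships a far larger, framework-specific catalogue.
SOURCES = {"input", "sys.argv", "request.args", "request.args.get"}
SINKS = {"os.system", "subprocess.call", "eval", "cursor.execute"}
SANITIZERS = {"shlex.quote", "int"}

# Constructed sample program; only parsed, never executed.
SAMPLE = '''
import os, shlex, subprocess
from flask import request

def list_dir():
    path = request.args.get("path")              # line 6: source
    cmd = "ls " + path                           # taint propagates through the BinOp
    os.system(cmd)                               # line 8: tainted data reaches a sink
    safe = shlex.quote(path)                     # sanitizer: safe is clean
    subprocess.call("ls " + safe, shell=True)    # line 10: sink, but argument is clean
    path = "/tmp"                                # overwritten with a literal: path is clean
    os.system("ls " + path)                      # line 12: sink, but argument is clean
'''

SINK_PATTERN = re.compile(r"\b(" + "|".join(re.escape(s) for s in sorted(SINKS)) + r")\s*\(")


def lexical_scan(source):
    """Lexical analysis: match sink names textually, with no data-flow reasoning.
    Fast and simple, but it flags every call regardless of what the argument is."""
    return [(lineno, m.group(1))
            for lineno, line in enumerate(source.splitlines(), start=1)
            for m in SINK_PATTERN.finditer(line)]


def dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain (subscripts stripped), else None."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = dotted_name(node.value)
        return f"{base}.{node.attr}" if base else None
    if isinstance(node, ast.Subscript):
        return dotted_name(node.value)
    return None


def expr_is_tainted(node, tainted):
    """Taint analysis on one expression: does attacker-controlled data reach it?"""
    if isinstance(node, ast.Name):
        return node.id in tainted
    if isinstance(node, ast.Call):
        name = dotted_name(node.func)
        if name in SOURCES:
            return True          # value originates from a source
        if name in SANITIZERS:
            return False         # sanitizer output is treated as clean
    if isinstance(node, ast.Subscript) and dotted_name(node.value) in SOURCES:
        return True              # e.g. sys.argv[1], request.args["q"]
    # Any other expression (BinOp, f-string, method call, ...) propagates taint
    # from its operands, including the receiver of a method call.
    return any(expr_is_tainted(child, tainted) for child in ast.iter_child_nodes(node))


def iter_statements(body):
    """Yield statements in program order, descending into nested blocks."""
    for stmt in body:
        yield stmt
        for field in ("body", "orelse", "finalbody", "handlers"):
            inner = getattr(stmt, field, None)
            if isinstance(inner, list):
                yield from iter_statements(inner)


def own_expressions(stmt):
    """Expression nodes directly owned by stmt (nested blocks are visited separately)."""
    for field, value in ast.iter_fields(stmt):
        if field in ("body", "orelse", "finalbody", "handlers"):
            continue
        if isinstance(value, ast.AST):
            yield value
        elif isinstance(value, list):
            yield from (v for v in value if isinstance(v, ast.AST))


def taint_scan(source):
    """Data-flow + taint analysis: report sinks whose arguments carry tainted data.
    Intraprocedural and path-insensitive: it does not follow calls or branches."""
    tainted = set()      # variables currently holding attacker-influenced values
    findings = []
    for stmt in iter_statements(ast.parse(source).body):
        if isinstance(stmt, ast.Assign):
            # Data-flow step: an assignment taints or cleans its target variables.
            names = [t.id for t in stmt.targets if isinstance(t, ast.Name)]
            if expr_is_tainted(stmt.value, tainted):
                tainted.update(names)
            else:
                tainted.difference_update(names)
        for expr in own_expressions(stmt):
            for node in ast.walk(expr):
                if isinstance(node, ast.Call) and dotted_name(node.func) in SINKS:
                    args = list(node.args) + [k.value for k in node.keywords]
                    if any(expr_is_tainted(a, tainted) for a in args):
                        findings.append((node.lineno, dotted_name(node.func)))
    return findings


if __name__ == "__main__":
    print("lexical:", lexical_scan(SAMPLE))   # three hits; two are false positives
    print("taint:  ", taint_scan(SAMPLE))     # only line 8
```

Run against the sample, the lexical pass reports lines 8, 10 and 12, while the taint pass reports line 8 alone: line 10 is cleared by the sanitizer and line 12 by the reassignment of `path` to a literal. The gap between the two result sets is exactly the manual review effort a data-flow-aware tool saves; the limitations noted in the `taint_scan` docstring (no interprocedural or branch-sensitive tracking) are the cases a reviewer still has to cover by hand.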

PHASE III -Assessment Reporting

Once the engagement is complete, Esecurity Labs delivers a detailed analysis and threat report, including remediation steps along with fully completed reference fields.

PHASE IV -Remediation

Esecurity Labs provides remediation retesting for all vulnerabilities listed in the report. At the conclusion of remediation testing, and at the client's request, Esecurity Labs will update the report with a new risk level determination and mark which vulnerabilities in the report were in fact remediated to warrant the new risk level.

Call or write to us at:
for proposal / roadmap / information