IT Security Services

 
GSS Infotech team was very quick and efficient in modifying the documents and finishing the deliverables. The first drafts of the Functional Spec were created in good time by the team.
Project Manager

A Leading Manufacturing Company

Services » IT Security Services » Code Review

Code Review

When used together with automated tools and manual penetration testing, code review can significantly increase the cost effectiveness of an application security verification effort.

GSS Infotech code review helps in identifying security bugs that generally do not come out during penetration tests and dynamic security tests. Code review is an effective method for finding bugs that are impossible to find in any other way.

Our Code Review Process Involves:

  • Review each and every line of code in
    • Static mode
      • Automated tests through review tools
      • Manual business logic tests.
    • Dynamic mode
      • Conditions and flow tests.
      • Race condition tests.
  • Provide remediation.
  • Support your developer team to facilitate the best practices training.

Our Code Review Covers:

  • Authentication reviews.
  • Access Control Level reviews.
  • Session management reviews.
  • Input and Output validation reviews.
  • SSL, Encoding reviews.
  • Exceptions and error handling reviews.
  • Application logging mechanism reviews.
  • Configurations and deployment reviews.