This thorough assessment of software code will detect potential security flaws in your existing applications.
A large proportion of attacks take place by way of applications that contain insecure pieces of code. An insecure piece of code may cause a potential vulnerability and thus provide an entry point into your company infrastructure or data. It is therefore highly recommended to identify such flaws before they can harm your systems.
The aim of a Secure Code Review is to validate all points in the application that are relevant to security, such as authentication, authorisation & access control, session management, error handling, cryptographic controls, input validation or other elements depending on the software under consideration.
When conducting a Secure Code Review, Navixia follows a strict methodology based on the OWASP standard. This methodology ensures that a structured process is followed when conducting a project of this nature, as well as providing the customer with a standard against which the assessment can be measured.
An extreme level of reciprocal trust is necessary between the parties involved in a security audit, which implies a number of preliminary discussions and very strict security guidelines.
Navixia is a renowned specialist in the field of security, and can rely on a team of senior professionals all with a long-standing experience in their respective field of activity. Some of them are widely recognised experts. They are daily confronted with the latest technological advances. Their respective expertise makes it possible to cover all aspects of security. Navixia can vouch for their absolute trustworthiness and their complete integrity.
Navixia subscribes to the principles of the international standard ISO 17799 (BS7799) – a code of practice for information security management.
You may also want to read our information datasheet on secure code review.
For obvious reasons, no details of our audit methods are listed in this page. The duration of an audit depends on the extent of the area to assess.
Each company is unique.
We remain at your disposal at any time to discuss any audit-related issue in more detail or provide further information - without any engagement.