Building custom, in-house applications is a viable solution for many enterprises today because doing so ensures support for all the necessary features required. Unfortunately it also carries with it a number of pitfalls. Most developers do not focus on security auditing early in the development and the result is a large amount of money spent over the lifetime of the solution resolving vulnerabilities, bugs and providing patch maintenance.
Tevora offers source code security audits for both web-based applications and traditional host-based applications. Our proven audits utilize methodologies built around industry leading standards. For web-based applications we have incorporated DHS and OWASP’s Top Ten and our host-based application methodology draws from CERT/CC, MITRE, Sun and NIST secure coding guidelines and standards.
The audit process combines extensive manual code review augmented with several industry leading automated code analysis tools. Our experienced senior security consultants can help you identify security vulnerabilities in the design and implementation early in the development process. We work directly with your development teams to resolve the identified issues as well as provide them with education and best practices for creating code.