Custom application security tests by Positive Technologies provide your company with independent expert analysis of your source code that measures the risk in relation to known methods of attack. We are unique in our ability to work with huge amounts of source code (tens of megabytes), our deep knowledge of code generated using different technologies, and our highly qualified experts with over a decade of experience conducting custom code analysis for large enterprises around the world.
Our process emphasizes intensive manual testing with additional automated checks to enhance the overall quality of analysis. Our typical testing procedure is as follows:
- Estimate the volume of work (size of the source code used, programming languages used, technology development)
- Analyze source code manually (our experts work on-site at your facility)
- Analyze source code with automated methods
- Identify vulnerable sections of your code
- Evaluate results
- Provide recommendations for eliminating source code vulnerabilities
Results
The key deliverable from our testing includes a report detailing:
- Test methodology
- General conclusions about the quality of the source code and its resistance to known attack methods
- Explanations for all identified vulnerabilities and an analysis of the potential impact on your business if these vulnerabilities were exploited
- Recommendations for source code revisions to mitigate each vulnerability (including code examples)
