Current approaches to security testing can lack a holistic view of protecting your business. Traditional methods such as blackbox penetration testing are a blind approach to security; while useful for assessing perimeter and deployment defences, they can miss major security vulnerabilities and weaknesses within your systems.
A source code review will take into consideration the business logic, dependencies, deployment environment and language-specific vulnerability classes of a system. It enables a focussed security assessment and identifies systemic and critical security vulnerabilities.
elttam is proud to be first in its class, providing code review services to businesses in Australia and abroad. With access to the source, elttam provides in-depth analysis of vulnerabilities and root causes, and offers solid remediation advice that addresses security right at the core of your business.
At elttam, your project is delivered by a leading team of security professionals who specialise in code review. We guide you through every identified security vulnerability and make sure the remediation fixes are both practical and cost-effective.
Meet with product owners and security champions to understand your project's business objectives, circumstances and security guarantees. Obtain access to source code, test images and build instructions.
Review documentation of your product's architecture, features and libraries. Review third-party frameworks in use along with historical defects and security vulnerabilities.
Commence the source code review by identifying entry points and prioritizing the test plan to cover the greatest amount of attack surface. This step utilizes our skills in combining code review and threat modelling.
Perform source code review, starting with the entry points identified in the previous phase and auditing for critical vulnerabilities.
Triage vulnerabilities and develop proof-of-concept exploits. This demonstrates the benefits of source code review by showing practical exploitation of identified vulnerabilities.
Results are verbally communicated to you and a clear understanding is established. Findings are documented in full detail along with recommendations and strategic guidance to address potential root causes.
Contact us to receive the full detail of our methodology.
We have performed hundreds of source code reviews across many languages, platforms, and technology stacks.
C, C++, Objective-C
SQL, HQL, PLSQL, NoSQL
Firmware, Assembly, Drivers, Operating Systems, Virtualization
Networking, Client/Server, Mobile, Frameworks, Web Applications
A team with an established reputation and over a decade of experience
Tailored security services to fit any project or business
Providing services to global software companies and ASX listed enterprises
Made in Australia!