Security-focussed Code Reviews run by the elttam team

Taking security to the source

Current approaches to security testing can lack a holistic view of protecting your business. Traditional methods such as black-box penetration testing are a blind approach to security; while useful for assessing perimeter and deployment defences, they can miss major security vulnerabilities and weaknesses within your systems.

A source code review will take into consideration the business logic, dependencies, deployment environment and language-specific vulnerability classes of a system. It enables a focussed security assessment and identifies systemic and critical security vulnerabilities.

elttam is proud to be first in its class, providing code review services to businesses in Australia and abroad. With access to the source, elttam provides in-depth analysis of vulnerabilities and root causes, and offers solid remediation advice that addresses security right at the core of your business.

At elttam, your project is delivered by a leading team of security professionals who specialise in code review. We guide you through every identified security vulnerability and make sure the remediation fixes are both practical and cost-effective.

Our methodology

Phase 1
Scoping

Meet with product owners and security champions to understand your project's business objectives, circumstances and security guarantees. Obtain access to source code, test images and build instructions.

Phase 2
Documentation Review

Review documentation of your product's architecture, features and libraries. Review third-party frameworks in use along with historical defects and security vulnerabilities.

Phase 3
Entry point analysis

Commence the source code review by identifying entry points and prioritizing the test plan to cover the greatest amount of attack surface. This step utilizes our skills in combining code review and threat modelling.

Phase 4
Auditing

Perform source code review, starting with the entry points identified in the previous phase and auditing for critical vulnerabilities.

Phase 5
Exploitation

Triage vulnerabilities and develop proof-of-concept exploits. This demonstrates the benefits of source code review by showing practical exploitation of identified vulnerabilities.

Phase 6
Reporting

Results are verbally communicated to you and a clear understanding is established. Findings are documented in full detail along with recommendations and strategic guidance to address potential root causes.

Contact us to receive the full detail of our methodology.

Our expertise

We have performed hundreds of source code reviews across many languages, platforms, and technology stacks.

C-Family

C, C++, Objective-C

Enterprise

.NET, Java

Scripting

PHP, Python, Ruby, Perl, HTML, JavaScript, Shell

Databases

SQL, HQL, PLSQL, NoSQL

System Programming

Firmware, Assembly, Drivers, Operating Systems, Virtualization

General

Networking, Client/Server, Mobile, Frameworks, Web Applications

Why elttam?

A team with an established reputation and over a decade of experience

Tailored security services to fit any project or business

Providing services to global software companies and ASX listed enterprises

Made in Australia!

Contact us

Let's talk



Email us

hellome@elttam.com.au

PGP public key

Sydney

Suite 3, Level 27, 1 Farrer Place, Sydney 2000, NSW

(+61) 02 8004 5952


Melbourne

Suite 504, 365 Little Collins Street, Melbourne 3000, Victoria

(+61) 03 9005 1058