Eclipsecurity, Information Security Consulting Services

Assess Services

Application Secure Code Review
Application Security
Computer Configuration
Corporate Security Policy Gap
Data Privacy
Database Security
Enterprise Security
Facility Physical Security
Firewall Configuration
Identity & Access Management
Messaging Security
Network Vulnerability
PCI DSS Audit Readiness
Penetration Testing
Regulatory Compliance
Vulnerability Scanning

Eclipsecurity Application Secure Code Review

Because...

Applications should be, but often are not, designed to defend against intrusion

Common programming errors may cause an application to be vulnerable to insidious attacks

Secure code processes should be formalized in application development

Eclipsecurity evaluates an application's vulnerability to attacks by analyzing the secure code practices which were employed in development.

Eclipsecurity Approach

Perform threat modeling to identify and prioritize code that poses highest security risk

Utilize Microsoft process and tools
Examine interactions between system components to uncover security 'hot spots'

Execute code scanning to establish minimum objective repeatable baseline

Detect common code security defects in applications based on .NET Framework and C/C++

Review code identified as significant risk for security defects
Examine security issues unique to application architecture
Recommend action plan to mitigate defects detected

Eclipsecurity Application Secure Code Reviews typically are completed within 2-4 weeks by our consultants specializing in code development and threat modeling.

Related Eclipsecurity Services

Prevent Services:	Assessment Remediation
Enhance Services:	Change Management