Application Security Testing and Source Code Review

Source code review for application security testing conducted by ESL GCI subject matter experts (SMEs).

Our Process

Silhouette of a person using a laptop while standing.

Most code reviews for application security testing incorporate a manual source code review process to pinpoint significant code-level issues that might be leveraged by attackers to compromise a system and/or application. In addition to manual review guided automated tools, including publicly available tools from the U.S. Department of Homeland Security (DHS), Software Assurance Marketplace (SWAMP) platform, are leveraged to perform static and dynamic analysis to detect sensitive code snippets which can potentially be abused. Our SMEs will use use program slicing scripts trace code dependencies and locate the specific locations of any identified. We identify weaknesses as defined in the MITRE standard of Common Weakness Enumeration includes running a set of publicly available tools.

What You’ll Receive

A report outlining identified security vulnerabilities/weaknesses witha correlating set of mitigation recommendations specific to each finding.

Location

exterior view of the GCI building in the evening.

ESL Global Cybersecurity Institute

Our state-of-the-art Cyber Range and Training Center, located at the ESL Global Cybersecurity Institute on RIT’s campus in Rochester, NY. It is capable of hosting more than 5,000 virtual machines simultaneously in immersive scenarios, enabling Executive Incident Response Training, Threat Intelligence and Emulation Training, and more.

Within this infrastructure, we are able to introduce threat intelligence systems in scale replicas of any massive, global business, with specific focus on healthcare, energy, and finance. The Cyber Range and Training Center provides alternate reality instructional vignettes for cohorts of corporate leaders and IT security professionals to experiment and learn, facilitating research opportunities in the most critical of industries.

Book Now

Contact Sarah Yarger to book your training and learn more!

Sarah Yarger
Sarah Yarger
Project and Operations Manager