Code Review

Code Review Pen Testing

Let’s face it: no one can write 100% bug-free code all the time. What bugs might be in your code? Is your job on the line if you assess thousands of lines of code and fail to see that you did not implement proper bounds checking, or that you used an insecure function? What if a value has been hardcoded, so that decompiling the code would reveal the SA password to your SQL Server?

These are just a few of the things we look for when doing a code review. Yes, code reviews are tedious, but they are necessary. At KirkpatrickPrice, we take a hybrid approach that includes both automation and manual assessment. We look for logic issues, security issues, and anything that would be a vulnerability if discovered and abused.