The code review process is designed to ensure that software has been both designed and implemented to comply with security best practice; thereby providing assurance that the software cannot be manipulated in unintended ways when installed in its working environment.
Why perform a code review?
To meet a regulatory requirement (e.g. PCI DSS 1.2, clause 6.3.2).
- To verify that custom applications (self developed or outsourced) are free from acidental or intentional back-doors.
- To conduct security due dilligence of key applications /intellectual property (IP) during a merger or acquisition.
Get in touch!
Get in touch and speak to an expert consultant on