Bonsai Information Security - Services

Code Review

The code review service provided by Bonsai makes it possible to detect all existing vulnerabilities in applications. Whether they are Web applications, network services or client/server applications, the code review process identifies vulnerabilities that are hard to detect with any other methodology, such as black-box Web Application Penetration Testing.

Bonsai has a unique combination of knowledge of the most common programming languages (Java, ASP, C#, ASP.NET) and advanced knowledge of computer information security, which makes the code review detailed and effective.

Common vulnerabilities identified during a Code Review include:

  1. SQL Injection
  2. Cross-Site Scripting (XSS)
  3. Authentication Bypass
  4. Application Logic Flaws
  5. Buffer Overflows
  6. Format strings
  7. Resource exhaustion (DoS)
  8. Insecure cryptographic algorithms and implementations

Vulnerability Remediation

In most cases, fixing a Web application vulnerability is a complex procedure, which is why most development teams lack the time or resources to do so. Understanding our customers' needs, Bonsai offers a complementary consulting service aimed at helping developers fix the vulnerabilities identified during the Code Review service.

Deliverables

Our deliverables include the following:

  1. Technical report
  2. Executive summary
  3. Strategic recommendations
  4. Vulnerability-free source code (optional, with the Vulnerability Remediation service)

Did you know that...

Upon hiring the Code Review service, you'll be making the most of one of the greatest advantages you have when facing hackers: your application source code.

Get a Quotation and start the process of securing your applications.