Services: Source Code Analysis
Goal
Modeling of the software and identification of poorly written, inefficient, and incorrect code segments.
Initial Situation
The customer provides the uncompiled and, if possible, documented source code of the application to be examined. In addition, a user manual and a code walkthrough by the developers help build a better understanding of the product.
Approach
- Discovery of critical functions: Identification of problematic and incorrect functions (e.g. strcpy() in C/C++ or file() in PHP).
- Program flow analysis: Determination of the program flow through its control structures and predicate logic.
- Data flow analysis: Tracing of the processing of input/output, variables, and constants in the code.
- Program slicing: Containment of affected code segments in order to narrow down the discovered problems.
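As an added illustration of the first and third steps above (it is not part of the original service description and not the provider's own tooling), the following Python script implements a minimal critical-function finder combined with a simple assignment-chasing data flow check. The function catalogue, the taint sources, the regular expressions and the two code fragments it scans are constructed for this example; strcpy() and file() are the only names taken from the page.

```python
import re
from dataclasses import dataclass

# Assumed catalogue of critical functions. strcpy() and file() are the two named on
# the page; the other entries are this example's own additions. Each value is
# (why the function is critical, index of the argument that carries the input).
CRITICAL_FUNCTIONS = {
    "c": {
        "strcpy": ("unbounded copy into a fixed-size buffer", 1),
        "strcat": ("unbounded append to a fixed-size buffer", 1),
        "gets": ("reads a line with no length limit", 0),
    },
    "php": {
        "file": ("reads a file whose path may be caller-controlled", 0),
        "include": ("loads code from a computed path", 0),
        "eval": ("executes a string as PHP code", 0),
    },
}
# Assumed taint sources: PHP request superglobals; for C, the parameters of the
# enclosing function are collected while scanning.
PHP_SOURCES = {"$_GET", "$_POST", "$_REQUEST", "$_COOKIE"}

C_FUNC_RE = re.compile(r"^\s*[\w\s\*]+?\b(\w+)\s*\(([^)]*)\)\s*\{")
ASSIGN_RE = re.compile(
    r"^\s*(?:[\w\s\*]*?[\s\*])?(\$?\w+)(?:\[[^\]]*\])?\s*(?<![=!<>])=(?!=)\s*([^;]+);")
STRING_LIT_RE = re.compile(r"""^\s*(?:"[^"]*"|'[^']*')\s*$""")
IDENT_RE = re.compile(r"\$?\b\w+\b")


@dataclass
class Finding:
    line: int
    func: str
    arg: str
    flow: str    # "tainted", "constant" or "unknown"
    reason: str


def extract_args(line, func):
    """Return the argument list of the first call to func on this line, split at
    top-level commas, or None if the line holds no complete call to it."""
    m = re.search(r"\b" + re.escape(func) + r"\s*\(", line)
    if not m:
        return None
    depth, start, args, i = 1, m.end(), [], m.end()
    while i < len(line):
        ch = line[i]
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth == 0:
                args.append(line[start:i].strip())
                return args
        elif ch == "," and depth == 1:
            args.append(line[start:i].strip())
            start = i + 1
        i += 1
    return None  # call continues on a later line; not handled here


def classify(expr, assignments, sources, seen=None):
    """Trace expr back through earlier assignments. Returns 'tainted' if any
    identifier derives from a source, 'constant' for literals, else 'unknown'."""
    if seen is None:
        seen = set()
    if STRING_LIT_RE.match(expr):
        return "constant"
    idents = [i for i in IDENT_RE.findall(expr) if not i.isdigit()]
    if not idents:
        return "constant"
    if any(i in sources for i in idents):
        return "tainted"
    result = "constant"
    for ident in idents:
        if ident in seen:
            continue
        seen.add(ident)
        if ident in assignments:
            sub = classify(assignments[ident], assignments, sources, seen)
            if sub == "tainted":
                return "tainted"
            if sub == "unknown":
                result = "unknown"
        else:
            result = "unknown"   # no definition seen: needs manual review
    return result


def analyze(source, lang):
    """Single pass: record assignments as they appear and classify each call to a
    catalogued function using the assignments seen so far (no sanitiser model)."""
    catalogue = CRITICAL_FUNCTIONS[lang]
    sources = set(PHP_SOURCES) if lang == "php" else set()
    assignments, findings = {}, []
    for lineno, line in enumerate(source.splitlines(), 1):
        if lang == "c":
            m = C_FUNC_RE.match(line)
            if m:   # new function: its parameters are the input sources
                assignments = {}
                sources = {re.findall(r"\w+", p)[-1] for p in m.group(2).split(",")
                           if p.strip() and p.strip() != "void"}
        for func, (reason, idx) in catalogue.items():
            args = extract_args(line, func)
            if args is None or idx >= len(args):
                continue
            findings.append(Finding(lineno, func, args[idx],
                                    classify(args[idx], assignments, sources), reason))
        m = ASSIGN_RE.match(line)
        if m:
            assignments[m.group(1)] = m.group(2).strip()
    return findings


# Constructed fragments for the demonstration (not code from any real product).
SAMPLE_C = """\
void handle(char *request) {
    char buf[64];
    char line[128];
    char *name = request;
    strcpy(buf, name);
    strncpy(buf, "fixed", 5);
    strcpy(buf, "constant");
    gets(line);
}
"""
SAMPLE_PHP = """\
<?php
$path = $_GET['f'];
$data = file($path);
$conf = file('/etc/app/config.ini');
"""

if __name__ == "__main__":
    for lang, sample in (("c", SAMPLE_C), ("php", SAMPLE_PHP)):
        for f in analyze(sample, lang):
            print(f"{lang}:{f.line}: {f.func}({f.arg}) [{f.flow}] {f.reason}")
```

For each call to a catalogued function the script reports whether the traced argument derives from input (a C parameter or a PHP request superglobal), is a string literal, or cannot be resolved; the three verdicts are the raw material for the risk assessment and countermeasure discussion described under Result. The tracing is flow-insensitive within a function and models no sanitisers, so a "tainted" verdict is a lead for manual review, which is where program slicing then narrows the relevant code down.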
Result
The customer receives a document listing all vulnerabilities discovered in the examined code. Each weakness is tabulated; each entry contains a discussion of the respective code definitions, a risk assessment, a technical description, and suggested countermeasures.
Pros and Cons
A source code analysis (SCA) is considered the most powerful and economical tool for identifying vulnerabilities in a software solution. It allows potential sources of errors in applications to be located quickly and accurately and their importance to be determined. For this reason, source code analyses are increasingly applied to complement classic network vulnerability scans or application penetration tests.
Reference Example
Source Code Analysis Online Banking: Financial institutions in particular request extended source code analyses (SCA) of their critical and exposed applications, so we regularly examine electronic banking systems. Through direct examination of the source code, we are able to determine conceptual and technical weaknesses that could not be detected in blackbox tests (e.g. network scans and application penetration tests), or only with considerable effort.