Code review is probably the single-most effective technique for identifying security flaws. When used together with automated tools and manual penetration testing, code review can significantly increase the cost effectiveness of an application security verification effort.
Entersoft’s code review helps in identifying security bugs that generally do not come out during penetration tests and dynamic security tests. Code review is an effective method for finding bugs that are impossible to find in any other way.
End to end review of your authentication and user management code and packages.
Authorisation code reviews to ensure you avoid any unauthorized accesses.
Storage, cookies, sessions are reviewed here.
All external inputs, HTTP Headers etc are reviewed to check they are validated without exception.
All encryption and encoding standards are reviewed.
Exception handling code is reviewed to ensure that all generic exceptions are handled.
Logging code related to User and sensitive activities are reviewed.
Libraries and configurations reviews.