
The field of Software Analysis generally comprises two main areas:
Source Code Analysis aims at unveiling typical programming mistakes (use of vulnerable functions, logic flaws, etc.). Our methodical procedure is geared toward the optimal cost-benefit ratio for our customers: the first part of a Source Code Analysis consists of developing a Threat Model in order to identify the relevant parts of the application. The functions that offer potential attack surface then undergo an in-depth analysis for vulnerabilities.
Tip: We recommend Source Code Analysis in conjunction with penetration tests of web applications!
Reverse Engineering
Software analysis via Reverse Engineering becomes important for the analysis of closed-source software, i.e. software for which source code is not available. The motivation for reverse engineering can be manifold.
For example, third-party applications should be examined for: