diff --git a/xml/source/snippets/offerte/en/methodology_code-audit.xml b/xml/source/snippets/offerte/en/methodology_code-audit.xml index 5530cf7..e86c7d1 100644 --- a/xml/source/snippets/offerte/en/methodology_code-audit.xml +++ b/xml/source/snippets/offerte/en/methodology_code-audit.xml @@ -2,56 +2,45 @@
Code Audit

- - will perform a code audit. During this process we will verify if the proper - security controls are present, work as intended and are implemented - correctly. If vulnerabilities are found, we determine the threat level by - assessing the likelihood of exploitation of this vulnerability and the - impact on the Confidentiality, Integrity and Availability (CIA) of the - system. We will describe how an attacker would exploit the vulnerability and - suggest ways of fixing it. -

-

This requires an extensive knowledge of the platform the application is - running on, as well as the extensive knowledge of the language the - application in written in and patterns that have been used. Therefore a code - audit done by highly-trained specialists with a strong background in - programming. -

-

- During the code audit, we take the following approach: -

+ will perform a code audit. During this process we will verify if the proper + security controls are present, work as intended and are implemented correctly. If + vulnerabilities are found, we determine the threat level by assessing the likelihood of + exploitation of this vulnerability and the impact on the Confidentiality, Integrity and + Availability (CIA) of the system. We will describe how an attacker would exploit the + vulnerability and suggest ways of fixing it.

+

This requires an extensive knowledge of the platform the application is running on, as well as + the extensive knowledge of the language the application in written in and patterns that have + been used. Therefore a code audit done by highly-trained specialists with a strong background in + programming.

+

During the code audit, we take the following approach:

  1. Thorough comprehension of functionality -
    - We try to get a thorough comprehension of how the application works and - how it interacts with the user and other systems. Having detailed - documentation (manuals, flow charts, system sequence diagrams, design - documentation) at this stage is very helpful, as they aid the - understanding of the application -
  2. +
    We try to get a thorough comprehension of how the application works and how it interacts + with the user and other systems. Having detailed documentation (manuals, flow charts, system + sequence diagrams, design documentation) at this stage is very helpful, as they aid the + understanding of the application +
  3. Comprehensive code reading

  4. goals of the comprehensive code reading are: +
    • to get an understanding of the whole code
    • +
    • identify adversary controlled inputs and trace their paths
    • +
    • identify issues
  5. Static analysis -
    - Using the understanding we gained in the previous step, we will use static - code analysis to uncover any vulnerabilities. Static analysis means the - specialist will analyze the code and implementation of security controls - to get an understanding of the security of the application, rather than - running the application to reach the same goal. This is primarily a manual - process, where the specialist relies on his knowledge and expertise to - find the flaws in the application. The specialist may be aided in this - process by automatic analysis tools, but his or her skills are the driving - force. -
    - Depending on the type of application, we will identify the endpoints. In - this case, it means where data enters and leaves the application. The data - is then followed through the application and is leading in determining if - assessing the quality of the security measures. -
  6. - +
    Using the understanding we gained in the previous step, we will use static code analysis + to uncover any vulnerabilities. Static analysis means the specialist will analyze the code and + implementation of security controls to get an understanding of the security of the + application, rather than running the application to reach the same goal. This is primarily a + manual process, where the specialist relies on his knowledge and expertise to find the flaws + in the application. The specialist may be aided in this process by automatic analysis tools, + but his or her skills are the driving force.
    Depending on the type of application, we + will identify the endpoints. In this case, it means where data enters and leaves the + application. The data is then followed through the application and is leading in determining + if assessing the quality of the security measures.
  7. Dynamic analysis -
    - Dynamic analysis can also be performed. In this case, the program is run - and actively exploited by the specialist. This is usually done to confirm - a vulnerability and as such follows the result of the static analysis. -
  8. +
    Dynamic analysis can also be performed. In this case, the program is run and actively + exploited by the specialist. This is usually done to confirm a vulnerability and as such + follows the result of the static analysis. +
  9. Fuzzing +
    Fuzz testing or Fuzzing is a software testing technique which in essence consists of finding implementation bugs using malformed/semi-malformed data injection in an automated fashion.
  10. +
  11. Concolic analysis +
    If the specialist thinks it useful, additional concolic analysis may be performed on selected subsets of the code.
diff --git a/xml/source/snippets/offerte/en/projectoverview.xml b/xml/source/snippets/offerte/en/projectoverview.xml index 6c21fd1..8f45ea7 100644 --- a/xml/source/snippets/offerte/en/projectoverview.xml +++ b/xml/source/snippets/offerte/en/projectoverview.xml @@ -19,7 +19,8 @@ will test for the presence of the most common vulnerabilities, using both publicly available vulnerability scanning tools and manual testing. shall perform a - -day (-personday), , intrusive test via the + -day (-personday) + intrusive test via the internet.

diff --git a/xml/source/snippets/offerte/en/projectoverview_code-audit.xml b/xml/source/snippets/offerte/en/projectoverview_code-audit.xml new file mode 100644 index 0000000..da1fd4c --- /dev/null +++ b/xml/source/snippets/offerte/en/projectoverview_code-audit.xml @@ -0,0 +1,39 @@ + +
+ Project Overview +

+ will perform a of the source code files described below + for . The code audit is intended to gain insight into the security of the + source code. To do so, will analyze the code, attempt to find + vulnerabilities, and gain further access and elevated privileges by exploiting any + vulnerabilities found.

+ +

+ will test the following code (the “Targets”):

+ + + +

+ will test for the presence of the most common vulnerabilities using a + combination of publicly available (static, dynamic and concolic) analytic tools, fuzzing and + code reading. will perform this code audit in days + ( persondays).

+ + + + + + + + + +
diff --git a/xml/source/snippets/snippetselection.xml b/xml/source/snippets/snippetselection.xml index 7ed2542..b7ec30f 100644 --- a/xml/source/snippets/snippetselection.xml +++ b/xml/source/snippets/snippetselection.xml @@ -89,7 +89,7 @@ introandscope - projectoverview + projectoverview_code-audit prerequisites disclaimer_code-audit methodology_code-audit