diff --git a/xml/source/snippets/offerte/en/methodology_code-audit.xml b/xml/source/snippets/offerte/en/methodology_code-audit.xml
index 5530cf7..e86c7d1 100644
--- a/xml/source/snippets/offerte/en/methodology_code-audit.xml
+++ b/xml/source/snippets/offerte/en/methodology_code-audit.xml
@@ -2,56 +2,45 @@
Code Audit
-
- will perform a code audit. During this process we will verify if the proper
- security controls are present, work as intended and are implemented
- correctly. If vulnerabilities are found, we determine the threat level by
- assessing the likelihood of exploitation of this vulnerability and the
- impact on the Confidentiality, Integrity and Availability (CIA) of the
- system. We will describe how an attacker would exploit the vulnerability and
- suggest ways of fixing it.
-
- This requires an extensive knowledge of the platform the application is
- running on, as well as the extensive knowledge of the language the
- application in written in and patterns that have been used. Therefore a code
- audit done by highly-trained specialists with a strong background in
- programming.
-
-
- During the code audit, we take the following approach:
-
+ will perform a code audit. During this process we will verify if the proper
+ security controls are present, work as intended and are implemented correctly. If
+ vulnerabilities are found, we determine the threat level by assessing the likelihood of
+ exploitation of this vulnerability and the impact on the Confidentiality, Integrity and
+ Availability (CIA) of the system. We will describe how an attacker would exploit the
+ vulnerability and suggest ways of fixing it.
+ This requires an extensive knowledge of the platform the application is running on, as well as
+ the extensive knowledge of the language the application in written in and patterns that have
+ been used. Therefore a code audit done by highly-trained specialists with a strong background in
+ programming.
+ During the code audit, we take the following approach:
- Thorough comprehension of functionality
-
- We try to get a thorough comprehension of how the application works and
- how it interacts with the user and other systems. Having detailed
- documentation (manuals, flow charts, system sequence diagrams, design
- documentation) at this stage is very helpful, as they aid the
- understanding of the application
-
+
We try to get a thorough comprehension of how the application works and how it interacts
+ with the user and other systems. Having detailed documentation (manuals, flow charts, system
+ sequence diagrams, design documentation) at this stage is very helpful, as they aid the
+ understanding of the application
+ - Comprehensive code reading
goals of the comprehensive code reading are:
+ - to get an understanding of the whole code
+ - identify adversary controlled inputs and trace their paths
+ - identify issues
- Static analysis
-
- Using the understanding we gained in the previous step, we will use static
- code analysis to uncover any vulnerabilities. Static analysis means the
- specialist will analyze the code and implementation of security controls
- to get an understanding of the security of the application, rather than
- running the application to reach the same goal. This is primarily a manual
- process, where the specialist relies on his knowledge and expertise to
- find the flaws in the application. The specialist may be aided in this
- process by automatic analysis tools, but his or her skills are the driving
- force.
-
- Depending on the type of application, we will identify the endpoints. In
- this case, it means where data enters and leaves the application. The data
- is then followed through the application and is leading in determining if
- assessing the quality of the security measures.
-
-
+
Using the understanding we gained in the previous step, we will use static code analysis
+ to uncover any vulnerabilities. Static analysis means the specialist will analyze the code and
+ implementation of security controls to get an understanding of the security of the
+ application, rather than running the application to reach the same goal. This is primarily a
+ manual process, where the specialist relies on his knowledge and expertise to find the flaws
+ in the application. The specialist may be aided in this process by automatic analysis tools,
+ but his or her skills are the driving force.
Depending on the type of application, we
+ will identify the endpoints. In this case, it means where data enters and leaves the
+ application. The data is then followed through the application and is leading in determining
+ if assessing the quality of the security measures.
- Dynamic analysis
-
- Dynamic analysis can also be performed. In this case, the program is run
- and actively exploited by the specialist. This is usually done to confirm
- a vulnerability and as such follows the result of the static analysis.
-
+
Dynamic analysis can also be performed. In this case, the program is run and actively
+ exploited by the specialist. This is usually done to confirm a vulnerability and as such
+ follows the result of the static analysis.
+ - Fuzzing
+
Fuzz testing or Fuzzing is a software testing technique which in essence consists of finding implementation bugs using malformed/semi-malformed data injection in an automated fashion.
+ - Concolic analysis
+
If the specialist thinks it useful, additional concolic analysis may be performed on selected subsets of the code.
diff --git a/xml/source/snippets/offerte/en/projectoverview.xml b/xml/source/snippets/offerte/en/projectoverview.xml
index 6c21fd1..8f45ea7 100644
--- a/xml/source/snippets/offerte/en/projectoverview.xml
+++ b/xml/source/snippets/offerte/en/projectoverview.xml
@@ -19,7 +19,8 @@
will test for the presence of the most common
vulnerabilities, using both publicly available vulnerability scanning
tools and manual testing. shall perform a
- -day (-personday), , intrusive test via the
+ -day (-personday)
+ intrusive test via the
internet.
diff --git a/xml/source/snippets/offerte/en/projectoverview_code-audit.xml b/xml/source/snippets/offerte/en/projectoverview_code-audit.xml
new file mode 100644
index 0000000..da1fd4c
--- /dev/null
+++ b/xml/source/snippets/offerte/en/projectoverview_code-audit.xml
@@ -0,0 +1,39 @@
+
+
+ Project Overview
+
+ will perform a of the source code files described below
+ for . The code audit is intended to gain insight into the security of the
+ source code. To do so, will analyze the code, attempt to find
+ vulnerabilities, and gain further access and elevated privileges by exploiting any
+ vulnerabilities found.
+
+
+ will test the following code (the “Targets”):
+
+
+
+
+ will test for the presence of the most common vulnerabilities using a
+ combination of publicly available (static, dynamic and concolic) analytic tools, fuzzing and
+ code reading. will perform this code audit in days
+ ( persondays).
+
+
+
+
+
+
+
+
+
+
diff --git a/xml/source/snippets/snippetselection.xml b/xml/source/snippets/snippetselection.xml
index 7ed2542..b7ec30f 100644
--- a/xml/source/snippets/snippetselection.xml
+++ b/xml/source/snippets/snippetselection.xml
@@ -89,7 +89,7 @@
introandscope
- projectoverview
+ projectoverview_code-audit
prerequisites
disclaimer_code-audit
methodology_code-audit