Responsive image

Software
Security Assessment

Purpose

To uncover vulnerabilities in an application. Deploying vulnerable applications can cause security issues for an organisation and its clients. By locating and mitigating these vulnerabilities before shipping the product, the negative impact of someone else discovering them can be avoided.

Process

  • Software and code delivered – the client provides Danish Cyber Defence with a working copy of the software, documentation and optionally source code.
  • Analysis – the application is tested both manually and with automated tools to locate possible vulnerabilities and issues that could compromise the security of the application. If access to source code is included in the scope, portions of the code will be reviewed and used to drive parts of the manual test process.
  • Reporting – we present our findings to the relevant stakeholders focusing on how to resolve the uncovered security issues from the application.

Requirements

Once the software, documentation and code has been delivered to Danish Cyber Defence, the analysis is performed offsite. A contact point from the client is needed in order to facilitate any issues that might arise during the test.

We recommend

That an application is tested at least once before deployment. Furthermore, if the application is an evolving code base, we recommend that it be tested biannually or before major code updates are deployed.

Contact us

+45 3113 7316

[email protected]

Vester Farimagsgade 41, 1606 Copenhagen V

Consulting | Training | Blog | About

© 2020 Danish Cyber Defence A/S · Vester Farimagsgade 41 · 1606 Copenhagen V · CVR 38871064