Application Code Review

Getting to the source of web application vulnerabilities.

For in-depth security testing of web applications, Halock can perform an Application Code Review. This type of 'white box' testing is best performed in conjunction with an SDLC Assessment. The Application Code Review will test the level of security awareness of the development team. Using a combination of automated tools and manual sampling, Halock's team will review the application code and architecture.

It is preferred but not mandatory to perform Vulnerability Scanning and Ethical Hacking before looking at the source code and the SDLC. The Application Code Review is usually performed with the involvement of the development team. The exercise not only uncovers possible coding vulnerabilities but can enlighten developers to security best practices.

For more extensive security training for developers, customized classes can be put together or select team members can join monthly classes provided by Halock.
 

On-Demand Vulnerability Scanning:

Allows for unlimited scanning of Internet IP addresses to enable ongoing compliance with PCI quarterly vulnerability scanning requirement. Online filing allows for automatic notification to acquiring bank once compliance is achieved.

PCI Compliance Management Portal:

An online portal designed to facilitate PCI compliance efforts and to assist in managing all work efforts related to acheiving PCI compliance. Portal includes PCI related news articles with expert analysis, a comprehensive PCI knowledgebase, downloadable tools and templates, and more.