I don’t normally pimp my employer, but I’d rather be doing secure code reviews than pen tests any day of the week. 🙂
We have open slots in our schedule for secure code reviews starting from mid-March 2011.
We perform our code reviews against the OWASP Application Security Verification Standard:
- Level 2B – Automated review using Fortify 360 coupled with a manual verification of 83 items (Architecture, Authentication, Authorization, Session Management, Data Protection, Cryptography, etc.)
- Level 3 – Includes all of the above, but with 110 inspection points. The sweet spot of our reviews, in my personal opinion.
- Level 4 – Includes all of the above, plus manual inspection for trojans, backdoors, etc.
These reviews help folks who wish to comply with PCI DSS or PCI PA DSS, or who just wish to know that their websites are safe and secure.
If you’d like to discuss things further, please e-mail avanderstock (at) purehacking.com.