During the source code review, Secugenius will search first for high-risk vulnerabilities and then work down to the low-risk ones. Overall, this will be a highly comprehensive review intended to find security breaches and violations, bugs and other issues.

  • Some high-risk vulnerabilities include:
    • Injection coding issues
    • Cross-site-scripting (XSS) attack holes
    • Lack of authentication and authorization systems
  • Some low-risk vulnerabilities include:
    • Software library controls review
    • Cross-site request forgery
    • Hardcoded sensitive information


We use the following methodology for source code review:

Review of your software documentation, coding standards, and guidelines.

Discussion with your development team about the application.

Identification of security design issues by asking your developers a comprehensive list of security questions.

Analysis of the areas in the application code that handle authentication, session management and data validation.

Identification of un-validated data vulnerabilities contained in your code.

Identification of poor coding techniques that attackers could exploit to launch targeted attacks.

Evaluation of security issues specific to individual framework technologies.