Source Code Review

Source Code Review

"A pair of trained eyes is like a Specialist Doctor, who can pick up signals that automated tools may not detect ..."

Manual source code review forms the basis of traditional security evaluation methodology. This methodology refers to the review of target source codes using manual trained expertise to identify potential backdoors, Trojans and vulnerabilities.

Though manual source code reviews are often time and resource intensive, such methodology not only complements automated analysis, it actually provides added level of assurance. Combining with automated analysis methods, trained manual source code reviews on targeted segments could detect signatures that are not yet formalized under the automated analysis database. Also, trained experts could add in heuristic intelligence reviews over the automated analysis.

The true effectiveness of manual source code reviews is a direct relationship to the degree of expertise in the review team. Just like in a Formulae One car race, one cannot win a race with just a powerful car, one needs a trained expert driver who knows how to push the car to the limit. This is where CBIS Labs excels. We are the experts in a manual source code review, we are the one that can push the evaluation to the limit.