Skip to content
ECQ Logo

Secure Code Review

Compromise AssessmentApplication Security AnalysisSecure Code ReviewCryptography Service
> 0x65C938A8 | CODE_0
> 0x4996D2B1 | CODE_1
> 0x0E74411F | CODE_2
> 0x8A14A62D | CODE_3
> 0x6C894F26 | CODE_4
> 0x16D51C04 | CODE_5
> 0x7E9329B9 | CODE_6
> 0xFFA9A0DA | CODE_7
> 0xFD29865F | CODE_8
> 0xE9ECFA86 | CODE_9
> 0x244B869A | CODE_10
> 0x337C847D | CODE_11
> 0x7003857D | CODE_12
> 0x8A7EF55A | CODE_13
> 0x7F593FC0 | CODE_14
> 0xD2DC311E | CODE_15
> 0x3E7F9FD6 | CODE_16
> 0xBF3B6423 | CODE_17
> 0x0BC34F8E | CODE_18
> 0xCE7AE622 | CODE_19

Secure Code Review helps identify vulnerabilities in source code of the application during the development phase and allows organizations to fix and address those identified issues before deploying to the real world.

ECQ's DRAMA code review approach offers both static and dynamic code analysis together with exploitation or Proof-of-Concept where possible to provide better severity rating for the vulnerable code block.

DRAMA code review approach contains five different phases: Define, Recon, Analyze, Manual Review, and Advise.

DRAMA Framework

DDefineRReconAAnalyzeMManual ReviewAAdvise
Step01/05
Define

ECQ works with customer to define the scope of work and gain an overall understanding of the target application such as the type of application, business purpose, the programming languages, and lines of code (LoC). ECQ Consultants also advise the methodology and framework to be used depends on the requirements and scope of work.

  • Scope definition and requirements gathering
  • Application type and technology stack analysis
  • Methodology and framework selection