Identification and Remediation of Application Vulnerabilities

Application Testing
Secure DevOps
Static and Dynamic Code Analysis
Vulnerability Management
Application Security Engineers
DevOps Engineers
Threat Analysts
Secure coding practices for three million lines of code.

The Challenge

Our client, whose software is used in highly regulated industries, lacked the ability to evaluate its source code for vulnerabilities. Two large applications with different secure software development requirements needed evaluation. In each case we needed to identify and support remediation of vulnerabilities prior to release. Application 1 included 1.7 million lines of C# and .NET code and 45k lines of VB, and required daily reviews. Application 2 had more than two million lines of code. Each application needed to be reviewed three times per year.

The Solution

Our team integrated with each application’s build process, scaling with customer requirements. Our process includes the following steps:

  • Results are analyzed and triaged based on priority and category (false positive, poor practice, valid finding)
  • Remediation steps are added to the development pipeline

The Result

As a result of our solution, our client is able to deliver third-party vetted and analyzed software that is developed securely from the time of creation. This reduces costly reengineering once the software is released to production and, by reducing vulnerabilities, enhances customer satisfaction and end users' trust.