Source Code Reviews
When developing a new application, no matter if it is embedded or web based, source code problems can provide unexpected failures or even data and server compromise. En Garde identifies the specific areas of the application, based on the architecture and data paths, that may be at risk to attack and can perform in depth source code analysis to determine the security present.
En Garde performs semantic and syntactic analysis on primary application and script code to identify exploitable vulnerabilities. Common problems include buffer overflows in user supplied data, trust of untrustworthy data and communication paths, allowing users to change critical or confidential information, or allowing malicious users to access information that is not authorized. Recommendations will usually include actual source code changes that can be implemented to the system or alternate designs for software architecture problems.