Static and dynamic code analysis, or source code analysis, is one of the essential building blocks of the Security Development Lifecycle (SDL). The code analysis service we provide as AQM is carried out on the open source code by experts in software security, from vector-based perspectives suited to its structure, and with tests on the running application. The company receiving the service can make its product safer using the information the analysis yields about 0-day (detected for the first time) vulnerabilities in the product.

Some of the vulnerabilities we have uncovered through our static code analysis are as follows:

  • Buffer Overflow
  • Dangling Pointers
  • Race Conditions
  • Format String Attacks
  • SQL Injection
  • Code Injection
  • Cross-Site Scripting
  • Cross-Site Request Forgery
  • Local/Remote File Inclusion
  • Denial of Service