VCD IT Group is one of the larger independent ICT companies that in in various segments in the Netherlands, is in the top three. VCD IT Group develops many (web) applications for, among other things, healthcare. ITsec has reviewed the source code of one of VCD IT Group’s products. The review was performed in an iterative manner, with smart tools and proprietary scripts.
ITsec has tested the source code of one of the products for situations that can lead to abuse. ITsec examined which components within the software possibility lead to unintended operation of the application. What can happen if a vulnerability is successfully exploited? Our approach was iterative: the findings and recommendations were discussed with the developers daily. Improvements were made right away.
ITsec used smart tools and proprietary scripts for the review of the code. This identified clues that could lead to incorrect handling, both in the internal processing of functions and in the call and response between functions. The product’s source code became inherently secure. Security is guaranteed by iterations.