Salus code reviews can identify exploitable flaws which cannot be found in normal application assessments. The value of having access to code is that it allows consultants to identify potentially high-risk flaws which would not otherwise be visible, including:

• Stored credentials or improper authentication and authorisation practices.
• Unreferenced API methods, parameter values, or endpoints with functionality that can be abused by an attacker that is not displayed within normal user behaviour.
• Vulnerable code paths, which are difficult to spot within the confines of normal application usage;
• Vulnerable server-side calls which may allow onward compromise but do not display significant information during normal usage;
• Any possibly vulnerable code that may need submission of specially crafted attacks to trigger exploitation, such as code that manipulates inputs in a specific way for application consumption.

It should be noted that whilst secure code reviews are an effective identifier of specific classes of vulnerability such as those relating to input validation, more value can be provided through the addition of practical penetration testing activities, such as web application or API testing, which excel at identifying complex logical vulnerabilities that may not be apparent from a single source code review.