Systems evolve over time, necessitating testing of each new application you use or every service you add. The security of newly developed applications can be assured, however, by performing an ESTec code audit, which looks for evidence of unauthorized or unintended functionality for the new offering or application, and for any unexpected vulnerabilities where an intruder might create a failure of the software.

Sample Case

Customer: Canadian Mutual Fund Company
Services: Code Audit
Problem: The mutual fund was preparing to incorporate in its services an Internet-enabled application. Since the application handled sensitive information for sales reps in the field, management needed to be certain that the application was secure before initiating its use across the client-base.
Solution: An ESTec programmer reviewed the web development company's new software to determine its safety after installation. ESTec identified 8 places where buffer overflows were not being properly handled. Any one of these would have made it possible for the intruder to gain unauthorized access to information stored on the web server.
Results: The software was reconfigured and changes in its code were made by the developer. The mutual fund has found the changed software fully functional and has experienced no security loss since initiation.