SST Software – Maatwerk software Enschede
Facebook Instagram LinkedIn

code audit

A code audit is a thorough analysis of the source code of your software. Our team of experienced developers and experts examines the structure, efficiency, and security of your code to identify potential bottlenecks and vulnerabilities and assess the quality.

read more contact us

why perform a code audit?

Organizations have various reasons to perform a source code audit. Whether it is to gain insight into the overall status and quality of the software or to perform an audit in response to a request to 'take over' software, an audit software provides valuable insights. Some common reasons:


  • Questions about the quality and security of the code;
  • Questions about the scalability and maintainability;
  • Obtaining a general status of the software;
  • Insight into the costs for redevelopment;
  • Determining the costs and steps for taking into management.

types of code audits at SST Software

Due to our broad knowledge of software solutions, we are able to perform code audits in a wide range of programming languages ​​and techniques. Our knowledge includes:

  • Various programming languages: PHP, Java/Kotlin, Swift, .NET, Python, C/C++
  • Overall architecture: the overarching structure and coherence of the software design
  • Security: possible security risks and vulnerabilities
  • Maintainability: degree of maintenance, adjustment and expansion

We offer two types of audits: a quick scan audit or a customized audit. Depending on your wishes and needs, we choose an audit that suits you.

What does a quick scan audit entail?

During the quick scan, we perform a standard code audit, which consists of various components. We perform this audit in one working day and the result is an extensive management report with, among other things, the following topics:

  • Documentation
  • Code quality
  • Testing
  • Development best practices
  • Infrastructure
  • Security
  • Maintenance
  • Regulations & licenses

The quick scan is suitable for mapping the general status and quality of a project, as well as assessing security and scalability.

Costs: €1,000

request audit

what does a custom audit entail?

In addition to a standard source code audit, we also offer custom audits, in which we analyze specific issues. Think of:

  • Valuation (an estimate of the value of the software);
  • Cost indication for redevelopment;
  • Indication for taking into management;
  • Research of multiple applications;
  • Analysis of different architectures.

The output of a custom audit is fully tailored to your wishes. This can vary from a quote (valuation, redevelopment) or a complete plan of approach (taking into management) to an extensive management report.

Costs: based on assignment

request audit

why a source code audit from SST Software?

At SST Software we combine expertise with an objective view. We understand that there are multiple ways to achieve a successful software solution and tailor our approach to the nature of your application.

What you can expect from us:

  • An experienced team of senior software engineers and experts;
  • Thorough analysis of source code and project status;
  • Customized audits for a wide range of software solutions;
  • A trusted partner for improved software performance.

request code audit

Cookies are required for the contact form. Show cookie notice

fields marked with * are mandatory

Read more about our criteria

Documentation

toggle-icon

Explanation:

Complete, clear and up-to-date documentation is important to understand the software, to design extensions properly and to perform safe maintenance.

Assessment criteria:

  • Architecture documented
  • Functionality documented
  • Integrations documented
  • In-code comments sufficient

Code quality

toggle-icon

Explanation:

Software that is neatly written, adheres to prescribed structures and is built in an efficient and robust way contributes to future-proofing and maintainability.

Assessment criteria:

  • Code quality scan
  • Senior Software Engineer Assessment

Testing

toggle-icon

Explanation:

Sufficient tests and test data ensure that extensions are easier and faster to develop and that updates can be performed more safely.

Assessment criteria:

  • Types of tests
  • Quality of tests
  • Code coverage
  • Test data

Development best practices

toggle-icon

Explanation:

For the understanding of old code and the introduction of new developers, it is important that various best practices are followed.

Assessment criteria:

  • Versioning correct and traceable
  • Data migrations
  • Code style

Infrastructure

toggle-icon

Explanation:

In addition to the code itself, a modern, complete and well-documented infrastructure is also important for future-proofing and stability. This allows updates to be safely tested and rolled out to a secure production environment.

Assessment criteria:

  • Infrastructure documented
  • Infrastructure up-to-date
  • Deploy strategy
  • OTAP street present

Security

toggle-icon

Explanation:

Software is continuously a target of hacking attempts. Security is one of the most important aspects of modern software development.

Assessment criteria:

  • Potential vulnerabilities in code
  • Dependencies with potential vulnerabilities
  • Security by design

Maintenance

toggle-icon

Explanation:

Outdated software can be difficult to maintain. Support from suppliers may have ended and Software Engineers are often already used to modern and therefore better and more efficient code.

Assessment criteria:

  • Technology stack up-to-date
  • Dependencies up-to-date
  • Modern code

Regulations and licenses

toggle-icon

Explanation:

Especially with custom software, people often forget to think about licenses and their impact. Old systems in particular often lag behind current legislation.

Assessment criteria:

  • Licenses in order
  • Special legislation and regulations
  • GDPR-proof