Source Code Analysis
Companies today are under constant attack from criminal hackers and other malicious threats. As their networks have become more secure, attackers have turned their attention to the application layer, which now contains the majority of all vulnerabilities. To increase protection, security managers must perform detailed source code analysis when developing or buying software. Yoroi offers a revision of the code activity that pays particular attention to intrinsic vulnerabilities. In accordance with ISO/IEC 9126 standards, we analyse the quality of the developed software by identifying and evaluating the so-called 'bad smells' (rigidity, fragility, stillness, viscosity and opacity) and then look at the code security analysing absence of checks, use of vulnerable libraries, arrays of incorrect authentication, XSS, buffer overflows, broken authentication, session management, insecure object references, misconfiguration, sensitive data exposure and CSRF.