All software project has a different attack surface. This is why we always start our audits with threat modeling, where we map out ideas of how attackers could profit from exploiting each part of the target and list the most likely attack scenarios. The threat model provides guidance for the design, implementation, and security testing of the software will help create protection across the availability, integrity and confidentiality dimensions.
Design and Coverage check
The security design coverage check assesses theoretical hacking risks to your system. We review the software design for coverage of the relevant attack scenarios. This check uses the security goals defined in the threat model as a basis. Together with core developers we determine the maturity of each component to help us steer our focus to review-ready parts of the codebase. We also define assumptions to record what is needed to reach identified security goals. These assumptions provide guidance for issue identification and remediation.
Hybrid baseline assurance process
A hybrid approach for baseline assurance tests whether the security premises hold up in practice. We assess the implementation of the software system, discovering as many hacking vectors as possible and pursuing the most promising ones. Our security research team establishes assurance through a hybrid test approach, coupling dynamic testing (e.g., fuzz testing) and manual code review.
We work in close collaboration with core developers of the software project to report and remediate the discovered potential issues. We also conduct a second review of components once a fix is available. For the bug fix verification we often repeat the test cases executed during the baseline check phase.