Source Code Review

A detailed inspection of application or website source code, with the objective of identifying potential technical vulnerabilities that may be exploited in production environments.

This is a very detailed analytical process, involving deep inspection of an application, potentially including inspection of related systems or components depending on the purpose and scope of the engagement.

A review of the source code will typically involve both automated and manual techniques, incorporating steps from the OWASP Code Review Guide.

In addition, it may require deployment of the source code in a testing environment to allow dynamic analysis of sub-components and communication processes.