Overview

The Secure coding vulnerability assessment identifies potential security weaknesses in source code such as coding standard violations, style issues, and error-prone code through the use of static analysis tools.

Purpose

• Verification of Secure Coding Implementation
  at the Completion of an Information System Project
• Ensures software safety and reliability by identifying and eliminating potential defects in source code
• Prevents external attacks on information systems through the early detection and remediation of security vulnerabilities

Target

• For New Development:
  Entire Source Code
• In case of maintenance :
  Entire source code changed due to maintenance

Testing Method

The secure coding assessment is conducted using static analysis tools based on the rule set provided by the applicant organization.

Test Procedure

• Application and Registration

  Submission of test applications, test products, and related documents; consultation on test items and methods

• Contract

  Issuance of quotation, execution of test contract, and payment of fees

• Test Execution

  Establishment of the test plan, test performance, and preparation and review of test reports and procedures

• Issuance of Test Report