Secure the DNA of your applications

What is Source Code Review?

Source code review, also known as security code review, is the process of auditing an application's source code to verify that the proper security controls are present, that they work as intended, and that they have been invoked in all the right places. Code review is a way of ensuring that the application has been developed to be “self-defending” in its given environment.

Some vulnerabilities may not be uncovered during the process of penetration testing; security code review is the best avenue to uncover those vulnerabilities. Some of these application vulnerabilities may be introduced by the application developer either knowingly or unknowingly, such as application “Easter Eggs”, Logic Bombs, and even Backdoors.


At LGMS, all security code reviews are carried out professionally through a combination of human effort and technology support.

We place heavy emphasis on the qualifications of the code reviewer. All of our code reviewers have application development backgrounds, and each specializes in different programming languages.

LGMS has always believed that human reviewers are necessary to cover the significant blind spots that automated tools simply cannot check.

All security code review reports are 100% compliant with the requirements of PCI DSS, the Monetary Authority of Singapore (MAS) Technology Risk Management Guidelines, and the Association of Banks in Singapore (ABS) Cloud Computing Implementation Guide.

LGMS executive director and senior IT security consultant Fong Choong Fook (left) after sealing the partnership with TÜV Nord Malaysia general manager Bill Kong.

What Programming Language Expertise Do We Have?

A general rule of thumb is that penetration testing should not discover any additional application vulnerabilities relating to the developed code after the application has undergone a proper security code review.

As of January 2016, we have reviewed more than 50,000,000,000 lines of code, and the number is still growing. LGMS security code reviewers are well versed in the following programming languages:

  • Java

  • C#

  • C/C++

  • VB.NET

  • VB6

  • VB5

  • Visual C

  • Visual C

  • JavaScript and commonly used frameworks

  • Node.JS and commonly used frameworks

  • VBScript

  • PHP

  • Perl

  • ASP

  • ASPX

  • Apex and VisualForce

  • Ruby

  • HTML5

  • Python

  • Scala

  • Groovy

  • Android (Java)

  • Objective C

  • Swift

  • PhoneGap and commonly used frameworks

More About LGMS

Let’s understand how LGMS could help to secure your business.
