Application Assessment

Anubavam's Application Assessment (Auditing) process involves a number of integrated tools and engineering tasks in order to identify, de-couple, assess, disseminate and understand an application in its most granular form. Once broken down into its most basic elements, an application can be fully understood. Upon completion of the entire audit process, the application and its related elements are in a position to be leveraged for forward engineering, re-engineering, re-writing, re-platforming or reused by component to customize a software package or integrate functionality and or rules with another application.

Anubavam has developed several tools to automate the following steps in our Application Assessment process:

Source Audit   Data Audit   Architecture Audit   Performance Audit   Security Audit   Portability Audit

The objective of the auditing process to get a clean source code that follows all rules with required documentation

The process will verify the Coding style and automatically align the source code and apply required style.   It will generate list places where the documentation is missing.   It will also generate a report of line numbers and describe the potential errors such as null pointer, possible exception and so on.   The process will find all the duplicate code found in the project and list them all.   Unused or dead code will be found during this automated process and reported.   We will measure the Cyclomatic Complexity each methods, reducing complexity improves the performance of the application.

Data Auditing process to verify the Schema / ER Diagram for best practices. We also check possible places for SQL Injection. During this assessment process we will advice the possible places where Stored Procedures can be optimized.

Architecture Audit is necessary to understand the overall structure of the system and the intent of that structure. This is one of the important process in Application assessment process. There were reasons as to why a particular architecture was chosen, although that reasoning may have been forgotten over the years. The Architecture Audit produces many findings, some mundane and some very insightful and valuable. The following items are a few examples of what is verified during this process.

Application Framework   Application layers   Generation of Class Diagrams and various other UML diagrams   Application overview diagram for executive level understanding   Programming paradigms   Design constraints

During the performance audit, Anubavam will help you spot barriers to full performance of your application. When your application is assessed by experienced Java Architects, the underlying cause of performance problems can be quickly identified, and then addressed.

Bottleneck identification.   I/O analysis   Potential Query Optimization.   OS and file system performance.   Code evaluation relative to coding best practices.   Communication bottlenecks.   Web server performance.   Profiling.   Database analysis .   Query analysis .

Cross site request forgeries.   JavaScript vulnerabilities.   Header injection.   Script security analysis.   Session security.   Shell execution security analysis.   Penetration testing.   Web Server Configuration analysis.   Output analysis.   Input filtering analysis.   SQL injection.   Dirty data analysis.   Cross site scripting vulnerabilities.