Code Experts was founded in 2009 and was for many years an exclusive partner for Black Duck Software in Europe.
Today we serve clients globally. Our experienced team of auditors has performed more than 1000 Open Source Software – and IT security audits.
We are a trusted audit partner to world leading technology companies, private equity firms, financial institutions, law firms, etc.
We are a large team here to help you. We pride ourselves of the high quality in our audits, speed and our flexibility to accommodate specific client requirements.
OSS may be “free”, but this does not mean that it is free of licenses and obligations
Why OSS audits
(Al)most all leading VCs, private equity firms and technology companies are requesting a source code diligence to assess the risk when considering to invest in or acquiring software intensive assets.
An OSS audit will quickly identify the use of OSS, OSS licenses & obligations and potential security risks. A Buyer uses this to identify the risk involved in the acquisition and potential remediation work.
Too many unpleasant findings often lead to a significant reduction in the valuation of the Target, postponing or even a No-Go Deal!
Why IT security audits
Merging with an acquired new company requires a proper handling of the potential IT security challenges that automatically will arise.
High quality IT security audits of the Targets infrastructure, applications, web-sites, domains, APIs, etc. will quickly identify potential IT security risks and what actions are needed to be taken.
The quality of an IT security audit highly depends on the tools and skill-set of the IT security tester(s). Unfortunately these resources are in high demand and most penetration tests today therefore lack in-depth quality.
By using only the best IT Security Researchers in the world and by using many of these at the same time, we provide the best IT security audits available today
How we work
Speed and high quality are important factors for our clients when selecting their partner for open source and IT security audits
OSS Audit Process
An OSS audits can be done remotely, on-site or with the assets uploaded to one of our data centres. Once an audit has been completed, an in-depth report will be provided together with an executive summary. Our team stand ready for walk-through sessions and in-depth talks about the findings, licenses, etc.
Should you like to receive updates during the process of the audit of the findings, such can be provided at no extra cost.
OSS Audit Cost
For an OSS audit, the cost and timeline depends on the amount of code and type of file. Using our Code Estimator Tool, you can quickly create a report that identifies the amount of code (MB/GB) and type of files. Please send us the report and we can provide you with a quote within a few hours.
IT Security Audits Process
An IT Security Audits will run for 2 weeks and can be started within 48 hours. Once you have identified the list of potential target assets for the IT security Audit, we will set up a call to discuss priorities, bundles, etc.
You will be given real-time insight to all findings as they are found and validated. You will be able to ask unlimited amount of questions to the researchers concerning each of the vulnerabilities found. For all vulnerabilities, remediation advices and solutions are given, and once you have implemented a patch, we will re-audit the target to verify that the vulnerability no longer exists.
IT Security Audits Costs
Our IT security audits are done on a fixed flat fee, regardless of the amount of vulnerabilities found and testing hours spent. A fixed quote is provided shortly after the call, when the list of target assets have been confirmed.
Contact
Code Experts S.L. Reg. No. B55027908
Phone: +34 608 49 66 84
hello@codeexperts.eu