KTC Software Audit Package

Fascinate your customers with your clean software product

Does your software product contain any security, license, operational or quality risks? Are there any hidden security vulnerabilities in the Open Source libraries it uses? What technical debt or legacy code is hidden in the software product?

Get an audit of your software product using best-in-class technologies like Black Duck® Hub scanning or Flexera and SonarQube. We analyze all common programming languages – including C, C++, C#, Java, JavaScript, PHP and Python.

Light Audit Report

  • Sonar Analysis Report
  • one-time scan
  • one application
  • up to 250 MB**

Standard Audit Report

  • incl. Basic Audit Report
  • BOM – Bill of Material and Licenses
  • Analysis of Security, Compliance and Operational Risks
  • using Black Duck® Hub / Flexera

Advanced Audit Report

  • incl. Basic Audit Report
  • incl. Advanced Audit Report
  • one-day on-site workshop
  • discussion of the results

* Please note that all prices exclude VAT. Terms and conditions of KTC – Karlsruhe Technology Consulting GmbH apply in their current version.

** managed code size (source code incl. all libraries/dependencies)

Our Audit Report includes:

  • BOM – Bill of Material and licenses of all used Open Source libraries
  • Analysis of Security Risk (CVE – Common Vulnerabilities and Exposures, NVD – National Vulnerability Database)
  • Analysis of Compliance Risk (e.g. license issues)
  • Analysis of Operational Risk (e.g. outdated libraries)
  • Reliability Rating (what common bugs are included in your software product)
  • Security Rating (e.g. OWASP)
  • Code Maintainability Rating (e.g. code complexity and duplications)
  • Test Coverage (currently only for Java and JavaScript)
  • Technical Debt (in developer time or EUR)

You get a complete audit report, which assesses potential risks for you and your customers. Depending on your requirements, you choose the right flat-price package.