Where possible, says Jack Mannino, CEO at nVisium, security organizations should consider analyzing the code itself, using a third party if needed. “In many cases, software is backdoored using techniques that evade simple detection,” Mannino says.

Exploring as many code paths through the software as possible, following control flows, and understanding how the software behaves are keys to unearthing potentially hidden security issues in the software, he adds.

Read the entire article here!