Source Code Review. Convercent will have a documented program for secure code reviews and maintain documentation of secure code reviews performed for all applications that store or process Customer Data.
Source Code Review. Accounting Agent must have a documented program for secure code reviews and maintain documentation of secure code reviews performed for all Internet-facing applications that store or process Xxxxxx Confidential Information.
Source Code Review. Custodian must have a documented program for secure code reviews and maintain documentation of secure code reviews performed for all Internet-facing applications that store or process Sxxxxx Confidential Information.
Source Code Review. Reviewers will review and evaluate overall system architecture and security, as well as relevant source code of the software and firmware used in the voting system, including: election management applications for election definition, ballot definition and layout, vote tabulation and reporting, auditing and security enforcement; firmware, software applications, non-COTS (commercial off-the-shelf) device drivers and customized or custom-developed operating systems of all vote recording devices, ballot marking devices, ballot scanning and tabulation devices and related peripherals (such as devices used to program voter access cards). The Reviewers may, at their discretion, review and evaluate any COTS components. The source code review will primarily focus on and seek to identify any security vulnerabilities that could be exploited to alter vote recording, vote results, critical election data such as audit logs, or to conduct a “denial of service” attack on the voting system. The review will include, but not be limited to: ▪ Adherence to coding format conventions and standards; ▪ Program logic and branching structure; ▪ Commonly exploited input and output vulnerabilities, such as buffer overflows; ▪ Error and exception handling; and Embedded, exploitable code (such as “Easter eggs”) that can be triggered to adversely affect the system. The source code reviewers will identify for the SOS any software tools necessary to facilitate this analysis. Upon mutual agreement as to necessity, availability and cost, the SOS agrees to purchase and make those software tools available to the reviewers. The SOS will be responsible for obtaining and providing all required source code from the voting system vendor. The source code reviewers will coordinate their efforts and findings with team members reviewing system documentation and team members conducting the red team/penetration testing. Reviewers may communicate for this purpose by telephone and by encrypted e-mail, or any other communication method of equivalent security that has been approved in writing by the UC Principal Investigators. Reviewers will conduct “red team” or “penetration” testing, of the functions and performance of voting systems, to identify and document vulnerabilities, if any, to tampering or error that could cause incorrect recording, tabulation, tallying or reporting of votes or that could alter critical election data such as election definition or system audit data. This testing will be conducted ...
Source Code Review. The Purchaser and Parent shall have conducted their review, analysis, examination and testing of the Source Code in the manner set forth in
Source Code Review. Until the Closing, Jacada shall have the right to review and evaluate the Licensed Technology. Based on its review, Jacada may determine in its sole discretion that it does not desire to license the Licensed Technology. In this event, Jacada shall be entitled to terminate this Agreement upon written notice to Licensor without liability.
