code-review.md · murplz, inc

explorer

▾ murplz, inc 3srom.dev

≡index.md ⬡services.cs ◈about.lua ⚙contact.toml

▸ ▸ solutions/

⬡secure-dev.md ⬡code-review.md ⬡methodology.cs

▸ ▸ industries/

≡federal.md ≡defence.md ≡critical-infra.md

▸ ▸ partners/

≡teaming.md ≡bench.md

▸ ▸ resources/

≡insights.md ≡capability.md

▸ ▸ legal/

≡privacy.md ≡terms.md

links

⌥github/3srom

⌥github/murplz

# solutions/code-review.md
 
# Secure Code Review
 
We read existing .NET codebases line-by-line and
produce remediation reports mapped to OWASP Top 10
and ITSG-33 controls. Findings are prioritized by
exploitability and business impact, not raw severity.
 
## deliverables
 
- Executive summary (non-technical, for sponsors)
- Findings register (CVE-style entries with CWE mappings)
- Remediation guidance (specific code changes, not generic advice)
- Re-test report after fixes
 
## scope options
 
- Full codebase review
- Pre-release security gate
- Third-party module audit
- Incident-driven targeted review
 
## delivery model
 
Fixed-scope engagements. Typical turnaround 2-6
weeks depending on codebase size.
 
## related
 
- methodology.cs  // the framework we apply
- secure-dev.md  // for greenfield projects

Find Files

≡index.mdmarkdown

⬡services.cscsharp

◈about.lualua

⚙contact.tomltoml

⬡solutions/secure-dev.mdmarkdown

⬡solutions/code-review.mdmarkdown

⬡solutions/methodology.cscsharp

≡industries/federal.mdmarkdown

≡industries/defence.mdmarkdown

≡industries/critical-infra.mdmarkdown

≡partners/teaming.mdmarkdown

≡partners/bench.mdmarkdown

≡resources/insights.mdmarkdown

≡resources/capability.mdmarkdown

≡legal/privacy.mdmarkdown

≡legal/terms.mdmarkdown