Technical Due Diligence

Putting Software to the Test – Identify Application Weak Spots

Don’t buy a pig in a poke: Strategic investments in a software tool should not be based on a “gut feeling.” Potential risks hidden in the code and the general architecture mean that you need to scrutinize the application with great care to avoid expensive surprises down the road.

A Technical Due Diligence (TechDD) aims to evaluate the security, robustness and sustainability of an innovative software solution and the associated development and maintenance processes.

Our customers are strategic investors who want to integrate software into their portfolios, as well as security-oriented IT organizations that smartly insist on scanning applications for vulnerabilities before deploying them. As part of the technical due diligence service, we perform a “red flag” analysis to pinpoint critical security vulnerabilities, identify the technical debt in comparison with the state of the art, recommend technical and procedural improvements, and present the key facts at a glance in a management summary.

Depending on the agreed scope, we will provide you with our in-depth analysis of the technical basis, compliance and future viability of an application within a very short time.

A Technical Due Diligence Check Brings all the Unknowns to Light

Analysis of non-functional requirements such as certification, performance and scalability

Documentation review incl. examination of the technical and user documentation regarding completeness, comprehensibility and maintenance

Analysis of IT security and data protection, optionally with penetration test

Analysis of the data and information flows inside and outside the solution/company

Analysis of the software architecture including interfaces to other relevant systems

Static code analysis of the software for conformity with standards as well as security aspects, comprehensibility, maintainability and robustness

Assessment of the operating strategy with recommendations for development, deployment and operation (DevOps) in the data center or via the cloud

Revision of the development and support processes

Analysis of technical debt and a strategy for reducing it, including a cost estimate if necessary

Stakeholder analysis with documentation of stakeholders, roles and rights

This is how our experts carry out the technical due diligence:

Project scope

coordinate the required service modules

Interviews

go into the details with stakeholders and experts

Screening

analyse documents, code, databases

IT Security

identify technical and organizational weaknesses

Data protection

professional and technical assessment

Reports

create management summary, red flag analysis and detailed report

Conclusion

presentation, further steps

Optional

training of staff, penetration tests

Do you have questions about the technical due diligence service or a specific project? We are happy to assist you with putting your systems to the test!

Your contacts

Dr. Matthias Besch

matthias.besch@metafinanz.de
+49 89 3605315619

Fabian Heinrich

fabian.heinrich@metafinanz.de
+49 89 3605 3160 04