Putting Software to the Test –
Identify Application Weak Spots
Don’t buy a pig in a poke: Strategic investments in a software tool should not be based on a “gut feeling.” Potential risks hidden in the code and the general architecture mean that you need to scrutinize the application with great care to avoid expensive surprises down the road.
A Technical Due Diligence (TechDD) aims to evaluate the security, robustness and sustainability of an innovative software solution and the associated development and maintenance processes.
Our customers are strategic investors who want to integrate software into their portfolios, as well as security-oriented IT organizations that smartly insist on scanning applications for vulnerabilities before deploying them. As part of the technical due diligence service, we perform a “red flag” analysis to pinpoint critical security vulnerabilities, identify the technical debt in comparison with the state of the art, recommend technical and procedural improvements, and present the key facts at a glance in a management summary.
Depending on the agreed scope, we will provide you with our in-depth analysis of the technical basis, compliance and future viability of an application within a very short time.
Analysis of non-functional requirements such as certification, performance and scalability
Documentation review incl. examination of the technical and user documentation regarding completeness, comprehensibility and maintenance
Analysis of IT security and data protection, optionally with penetration test
Analysis of the data and information flows inside and outside the solution/company
Analysis of the software architecture including interfaces to other relevant systems
Static code analysis of the software for conformity with standards as well as security aspects, comprehensibility, maintainability and robustness
Assessment of the operating strategy with recommendations for development, deployment and operation (DevOps) in the data center or via the cloud
Revision of the development and support processes
Analysis of technical debt and a strategy for reducing it, including a cost estimate if necessary
Stakeholder analysis with documentation of stakeholders, roles and rights
coordinate the required service modules
go into the details with stakeholders and experts
analyse documents, code and databases
identify technical and organizational weaknesses
Data protection
professional and technical assessment
management summary, red flag analysis, create detailed report
presentation, further steps
training of staff, penetration tests
fabian.heinrich@metafinanz.de
+49 89 3605 3160 04