Scribd
Upload
214 views7 pages

Talakunchi - Scoping Questionnaires (Combined)

The document contains a request for application security review and secure code review services for multiple applications. It requests details about the applications such as name, type, description, programming languages used, third party libraries, number of pages/screens, lines of code, privilege levels, and regulatory requirements. It also requests infrastructure details like internal and external IP addresses, number of firewalls, hosting type, and cloud provider if applicable. Finally, it includes a request for a secure configuration audit providing details of servers, security devices, and networking equipment in use.

Uploaded by

Its greyer than you think
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
214 views7 pages

Talakunchi - Scoping Questionnaires (Combined)

The document contains a request for application security review and secure code review services for multiple applications. It requests details about the applications such as name, type, description, programming languages used, third party libraries, number of pages/screens, lines of code, privilege levels, and regulatory requirements. It also requests infrastructure details like internal and external IP addresses, number of firewalls, hosting type, and cloud provider if applicable. Finally, it includes a request for a secure configuration audit providing details of servers, security devices, and networking equipment in use.

Uploaded by

Its greyer than you think
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
You are on page 1/ 7

Application Security & Secure Code Review

Customer Details Name


Point of Contact
Developer

Query Application 1
Name of the Application
Type of Application Web / Mobile / Webservices
Standard (please provide vendor) /
Nature of Application
Custom
Description
Application Version
Programming Language used PHP
Framework used No framework
No 3rd party libraries on PHP / HTML
3rd Party Libraries used
shall have a few
Integration with 3rd Party API No 3rd party API
No of Pages / Screens 15-20 Screens
Lines of Code (Total) Approx 1000 LOC
Privilege Levels Admin, User
Testing Location Onsite / Offshore
Regulatory Standard requirements
Additional Information
Application Security & Secure Code Review

Contact Phone

Application 2 Application 3

Web / Mobile / Webservices Web / Mobile / Webservices


Standard (please provide vendor) / Standard (please provide vendor) /
Custom Custom

Onsite / Offshore Onsite / Offshore


Email

Application ..n

Web / Mobile / Webservices


Standard (please provide vendor) /
Custom

Onsite / Offshore
Infrastructure VA-PT

Customer Details Name Contact


Point of Contact
Administrator

# Query Customer Response

1 No of Internal IP addresses (Intranet)


Are internal IP address accesible from remote
1.1 Yes / No
via VPN
1.2 Number of Locations
Are internal IP addresses accesible from single
1.3 location Yes / No

2 No of External IP addresses (Internet)


3 Is authenticated testing expected? Yes / No
4 Hosting Type Cloud / On-Prem
5 Cloud Service Provider (If applicable)
6 No of Firewalls
Phone Email
Secure Configuration Audit
Customer Details Name Contact
Point of Contact
Administrator

Query Customer Response


#
Type Make Version
Servers
- Operating System
- WebServer
- Database
Security Devices
- Firewall
- IPS/IDS
- WAF
- DLP
- Proxy
Networking Devices
- Router
Add all varients of servers, devices on separate lines
Phone Email

Qty

You might also like