A code review is useful when an organization is unsure of the current state of their software application(s) and would like to have it evaluated to determine factors that will impact current or future business decisions such as: 

Viability for extending or modifying functionality of the software

Reasonability for integration with other platforms or modern systems

Reviewing potential security or reliability risks

Scaling of the software to a broader user base

Ensuring maintainability - the ease, cost and risk associated with keeping software up-to-date

Identifying level of technical debt

What does it include?

The effort includes a review of the application architecture, technology stack and source code. Manual code inspection, exploratory testing and automated static analysis tools are used to evaluate application maturity and suitability for desired enhancements. Findings may include potential issues in the areas of code quality, security, maintainability, scalability and testing.   

Key factors considered

We employ automated analysis tools and industry measures such as Cognitive Complexity, yielding method complexity scores that result in fairer relative assessments than have been previously available. Key factors considered include: 

Maintainability and Extensibility

Code maintainability is a qualitative measurement of how easy it is to make changes, and the risks associated with such changes. The central theme of extensible applications is that developers should be able to add new features to code or change existing functionality without it affecting the entire system. Specific areas we look for are complexity, testability, readability and documentation to answer the question: Is it obvious and safe for a developer to make changes to the code?


Ensuring the code meets current security standards and best practices for authentication, authorization, user roles, data validation and cryptography. In essence, are there vulnerabilities making it easy for a malicious user to circumvent or break the system?


Here we evaluate the user experience, runtime performance, database query and algorithmic complexity. We look to identify whether there are obvious areas for improving perceived user performance and experience. 

What doesn’t it include?

Review of specific application functionality for intended use cases.

What will you get upon completion?

Upon completion, Envative will deliver a comprehensive review of findings to include:

Apparent security concerns including a list of potential vulnerabilities, missing information, security best practices and actionable recommendations.

Reasonable options for achieving intended goals. 

Summary of the overall architecture and code structure findings.

General recommendations for improvement. 

Issue/Goal-specific recommendations.

Future design considerations. 

Key Takeaway

A code review engagement with Envative will result in an objective and well-informed understanding of a business’s Mobile App(s) code and its positioning for desired enhancements or other future business goals.


