Performing a secure code review can be a very time consuming task. Not only do you have to have a solid, in-depth knowledge of the technologies used, but you have to be able to understand complex tasks without seeing them at runtime.
Of course, there are static analysis tools that can help perform a code review, but they are not able to identify all types of vulnerabilities. Sometimes it is tough to have enough staff to perform secure code reviews in-house, and it is a good idea to have an external set of eyes to stay neutral.
DevelopSec can help offset your resources to provide professional secure code review services. We have extensive experience performing secure code reviews on .Net applications.