Code Analysis and Delphi - PCI 6.3.7

[James Fryman <james () frymanet com>]

Hello all,

I am looking for some assistance here with satisfying one of our PCI  
requirements for Code Analysis. We have an internal application that  
handles CC data written in Delphi. We are looking to retire this  
application within the few years, but do not want to invest in any  
automated tool and we have not done any code analysis on this code to  
date. Our current code analyzer (Fortify) does not handle the Delphi  
language, so I'm looking externally for a 3rd party firm to take look  
at this code to look for low-hanging fruit.

What I'm looking for is recommendations of 3rd parties that handle  
Delphi code review, and any experiences (positive or negative) that  
any one of you might have experienced.

Comments welcome! Thanks!

V/R
James Fryman