Security Code Reviews

Posted on January 15, 2007 by Dragan Pleskonjic

Recently I read again interesting article in IEEE Security & Privacy magazine by Michael Howard, “A Process for Performing Security Code Reviews,” IEEE Security & Privacy, vol. 4, no. 4, July/August 2006, pp. 74-79. That very good article starts with:

No one really likes reviewing source code for security vulnerabilities; it’s slow, tedious, and mind-numbingly boring. Yet, code review is a critical component of shipping secure software to customers. Neglecting it isn’t an option.

Absolutely true. Read full article here.

Share

About Dragan Pleskonjic

Chief Security Officer, University Lecturer, Entrepreneur, Security Researcher, Security Architect & Adviser, Software Development Manager. More info about Dragan Pleskonjic.
This entry was posted in Books, Magazines and Journals, Secure Programming. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>