This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Code Review V2 Table of Contents"

From OWASP
Jump to: navigation, search
Line 53: Line 53:
 
## Previous version to be updated: [[https://www.owasp.org/index.php/Security_Code_Review_in_the_SDLC]]
 
## Previous version to be updated: [[https://www.owasp.org/index.php/Security_Code_Review_in_the_SDLC]]
 
====Deployment Models====
 
====Deployment Models====
=====Secure deployment configurations====
+
=====Secure deployment configurations=====
 
#Author - Ashish Rao
 
#Author - Ashish Rao
 
## New Section
 
## New Section

Revision as of 02:26, 18 April 2013

OWASP Code Review Guide v2.0:

Forward

  1. Author Eoin Keary
    1. Previous version to be updated:[[1]]

Code Review Guide History

  1. Author - Eoin Keary
    1. Previous version to be updated:[[2]]

Introduction

  1. Author - Eoin Keary

What is source code review and Static Analysis

  1. Author - Zyad Mghazli
    1. New Section

Manual Review - Pros and Cons

  1. Author - Ashish Rao
    1. New Section
      1. Suggestion: Benchmark of different Stataic Analysis Tools Zyad Mghazli

Why code review

Scope and Objective of secure code review

  1. Author - Ashish Rao

We can't hack ourselves secure

  1. Author - Prathamesh Mhatre
    1. New Section

360 Review: Coupling source code review and Testing / Hybrid Reviews

  1. Author - Ashish Rao
    1. New Section

Can static code analyzers do it all?

  1. Author - Ashish Rao
    1. New Section

Methodology

The code review approach

  1. Author - Prathamesh Mhatre

Preparation and context

  1. Author - Open
    1. Previous version to be updated: [[3]]

Application Threat Modeling

  1. Author - Andy, Renchie Joan
    1. Previous version to be updated: [[4]]

Understanding Code layout/Design/Architecture

  1. Author - Ashish Rao

SDLC Integration

  1. Author - Andy, Ashish Rao
    1. Previous version to be updated: [[5]]

Deployment Models

Secure deployment configurations
  1. Author - Ashish Rao
    1. New Section
Metrics and code review
  1. Author - Andy
    1. Previous version to be updated: [[6]]
Source and sink reviews
  1. Author - Ashish Rao
    1. New Section
Code review Coverage
  1. Author - Open
    1. Previous version to be updated: [[7]]
Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Code_Review_V2_Table_of_Contents&oldid=150028"