This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Code Review Guide Table of Contents"

From OWASP
Line 15: Line 15:
 
==[[Automating Code Reviews]] ==
 
==[[Automating Code Reviews]] ==
 
==[[References]]==
 
==[[References]]==
# Brian Chess and Gary McGraw.  "Static Analysis for Security," ''IEEE Security & Privacy'' 2(6), 2004, pp. 76-79.
 
# M. E. Fagan.  "Design and Code Inspections to Reduce Errors in Program Development," ''IBM Systems J.'' 15(3), 1976, pp. 182-211.
 
# Tom Gilb and Dorothy Graham.  ''Software Inspection''.  Addison-Wesley, Wokingham, England, 1993.
 
# Michael Howard and David LeBlanc.  ''Writing Secure Code, 2nd edition''.  Microsoft Press, Redmond, WA, 2003.
 
# Gary McGraw.  ''Software Security''.  Addison-Wesley, Boston, MA, 2006.
 
# John Viega and Gary McGraw.  ''Building Secure Software: How to Avoid Security Problems the Right Way.''  Addison-Wesley, Boston, MA, 2001.
 
# Karl E. Wiegers.  ''Peer Reviews in Software''.  Addison-Wesley, Boston, MA, 2002.
 
 
  
 
[[Category:OWASP Code Review Project]]
 
[[Category:OWASP Code Review Project]]
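Review bot: the citation lines under ==[[References]]==, which appear on only one side of this diff, are placed inline on the table-of-contents page while every other heading here is just a link to its own page. Consider moving the list to the linked References page so the two cannot drift apart. The entries also carry no ISBN, DOI or URL, so adding one identifier per entry would make them easier to verify.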

Revision as of 12:10, 28 June 2006

Introduction

Buffer Overruns and Overflows

OS Injection

SQL Injection

Data Validation

Error Handling

The Secure Code Environment

Transaction Analysis

Automating Code Reviews

References