OWASP Code Review Guide Table of Contents

Revision as of 12:09, 28 June 2006 by Jwalden (talk | contribs) (References)

Introduction

Buffer Overruns and Overflows

OS Injection

SQL Injection

Data Validation

Error Handling

The Secure Code Environment

Transaction Analysis

Automating Code Reviews

References

  1. Brian Chess and Gary McGraw. "Static Analysis for Security." IEEE Security & Privacy 2(6), 2004, pp. 76-79.
  2. M. E. Fagan. "Design and Code Inspections to Reduce Errors in Program Development." IBM Systems Journal 15(3), 1976, pp. 182-211.
  3. Tom Gilb and Dorothy Graham. Software Inspection. Addison-Wesley, Wokingham, England, 1993.
  4. Michael Howard and David LeBlanc. Writing Secure Code, 2nd edition. Microsoft Press, Redmond, WA, 2003.
  5. Gary McGraw. Software Security: Building Security In. Addison-Wesley, Boston, MA, 2006.
  6. John Viega and Gary McGraw. Building Secure Software: How to Avoid Security Problems the Right Way. Addison-Wesley, Boston, MA, 2001.
  7. Karl E. Wiegers. Peer Reviews in Software: A Practical Guide. Addison-Wesley, Boston, MA, 2002.