
Education and cultural change

From OWASP
Revision as of 09:08, 9 January 2007 by EoinKeary (talk | contribs)


Educating developers to write secure code is the paramount goal of a secure code review. Approaching code review from this standpoint is the only way to promote and improve code quality. Part of the education process is to empower developers with the knowledge they need to write better code.
This can be done by providing developers with a controlled set of rules against which they can compare their code. Automated tools provide this functionality and also help reduce the time overhead. A developer can check his/her code using a tool without much initial knowledge of the security concerns pertaining to the task at hand. Running a tool to assess the code is also a fairly painless task once the developer becomes familiar with the tool(s).