This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

File:2015-02-24-Jim DelGrosso-OWASP Belgium, Why Code Reviews and Pen-Tests Are Not Enough.pdf

From OWASP
Revision as of 10:35, 25 February 2015 by LievenDesmet (talk | contribs) (Why Code Reviews and Pen-Tests Are Not Enough (by Jim DelGrosso, Cigital) Code reviews and penetration tests are excellent techniques for finding defects in software. But there is a whole class of defects that they are not good at finding - flaws. Jim...)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
2015-02-24-Jim_DelGrosso-OWASP_Belgium,_Why_Code_Reviews_and_Pen-Tests_Are_Not_Enough.pdf(file size: 3.41 MB, MIME type: application/pdf)

Why Code Reviews and Pen-Tests Are Not Enough (by Jim DelGrosso, Cigital)

Code reviews and penetration tests are excellent techniques for finding defects in software. But there is a whole class of defects that they are not good at finding - flaws. Jim will briefly talk about the differences between bugs and flaws, will describe a technique to help identify flaws, and talk about the work being done as part of the IEEE Center for Secure Design to help people avoid common flaws.

File history

Click on a date/time to view the file as it appeared at that time.

Date/TimeDimensionsUserComment
current10:35, 25 February 2015 (3.41 MB)LievenDesmet (talk | contribs)Why Code Reviews and Pen-Tests Are Not Enough (by Jim DelGrosso, Cigital) Code reviews and penetration tests are excellent techniques for finding defects in software. But there is a whole class of defects that they are not good at finding - flaws. Jim...
  • You cannot overwrite this file.

There are no pages that link to this file.

Retrieved from "https://wiki.owasp.org/index.php?title=File:2015-02-24-Jim_DelGrosso-OWASP_Belgium,_Why_Code_Reviews_and_Pen-Tests_Are_Not_Enough.pdf&oldid=190264"