Security Code Review in the SDLC
From OWASP
Revision as of 11:51, 15 November 2006
Code reviews vary widely in their level of formality. A review can be as informal as inviting a colleague to help look for a hard-to-find bug, or as formal as a software inspection process with trained teams, assigned roles and responsibilities, and a formal metric and quality tracking program.
In Peer Reviews in Software, Karl Wiegers places review processes on a spectrum from least to most formal, including:
- Ad hoc review
- Passaround
- Pair programming
- Walkthrough
- Team review
- Inspection