This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Talk:Code Review Introduction"

From OWASP
Jump to: navigation, search
(expand on my previous comments)
(Discussion moved, as the content was moved to another article: Code_Review_Preparation)
 
Line 1: Line 1:
In ''Discovery: Gathering the information'', under ''before we start'', number 4.  Does this *really* mean "importance"?  It's possible for a very important system to be unavailable most of the time (i.e. a root cert server might be shut down, when not actually needed, and have not network connectivity, making it unavailable except for a local console).  The description is of availability, not "importance". 
 
  
If it's supposed to be about availability, then it should prolly be renamed.  If it's about "importance", then "importance" needs to be clearly defined. --[[User:Atk|Atk]] 13:55, 28 August 2007 (EDT)
 
 
One further thought: if it's supposed to be "availability", it may be valuable to add discussion of integrity and confidentiality, as well.
 

Latest revision as of 14:50, 9 September 2010