This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Talk:Code Review Introduction"

From OWASP
Jump to: navigation, search
(New page: In ''Discovery: Gathering the information'', under ''before we start'', number 4. Does this *really* mean "importance"? It's possible for a very important system to be unavailable most o...)
 
(expand on my previous comments)
Line 2: Line 2:
  
 
If it's supposed to be about availability, then it should prolly be renamed.  If it's about "importance", then "importance" needs to be clearly defined. --[[User:Atk|Atk]] 13:55, 28 August 2007 (EDT)
 
If it's supposed to be about availability, then it should prolly be renamed.  If it's about "importance", then "importance" needs to be clearly defined. --[[User:Atk|Atk]] 13:55, 28 August 2007 (EDT)
 +
 +
One further thought: if it's supposed to be "availability", it may be valuable to add discussion of integrity and confidentiality, as well.

Revision as of 18:01, 28 August 2007

In Discovery: Gathering the information, under before we start, number 4. Does this *really* mean "importance"? It's possible for a very important system to be unavailable most of the time (i.e. a root cert server might be shut down, when not actually needed, and have not network connectivity, making it unavailable except for a local console). The description is of availability, not "importance".

If it's supposed to be about availability, then it should prolly be renamed. If it's about "importance", then "importance" needs to be clearly defined. --Atk 13:55, 28 August 2007 (EDT)

One further thought: if it's supposed to be "availability", it may be valuable to add discussion of integrity and confidentiality, as well.