Culture and Organization -> Education and Guidance: Security code review

Risk and Opportunity

Risk: Understanding security is hard.
Opportunity: The following areas of code tend to have a high risk of containing security vulnerabilities:
- Crypto implementations / usage
- Parser, unparser
- System configuration
- Authentication, authorization
- Session management
- Request throttling
- :unicorn: (self-developed code, only used in that one software)

Assessment

Additional Information

Benefits

Implementation hints

Usefulness and Requirements of this Activity

Usefulness: Medium
Required knowledge: Medium (two disciplines)
Required time: Low
Required resources (systems): Very Low

OWASP SAMM VERSION 2

ISO27001 2017

Credits

This activity is inspired by or copied from:

AppSecure-nrw Security Belts