ENG 312 - How to Perform a Security Code Review Course (Updated)


Course Overview

Application developers have a variety of tools at their disposal to identify flaws in their software. However, many of them cannot be used until late in the development lifecycle: dynamic analysis tools require a staging site and sample data, and some static analysis tools require a compiled build. In contrast, manual code reviews can begin at any time leveraging secure coding knowledge.  Because manual security code reviews can be laborious if  done inefficiently, this course focuses on time saving  but effective techniques.

Topics include:

  • How to organize and approach code reviews
  • Prioritizing code segments to be reviewed
  • Maximizing security resources
Ready to Demo this course? Questions? Contact Us!