ENG 312 - How to Perform a Security Code Review Course (Updated)
Course Details
Course Number: ENG 312
Course Duration: 30 minutes
Course CPE Credits: .6
NICE Specialty Areas
Related Learning Paths
- Developer
- PHP Developer
- Mobile Developer
- Back-End Developer
- C# Developer
- C++ Developer
- Front-End Developer
- .NET Developer
- iOS Developer
- Java Developer
- JavaScript Developer
- C Developer
- HTML5 Developer
- Cloud Developer
- Ruby on Rails Developer
- Web Developer
- Node.js Developer
- Swift Developer
- Android Developer
- PCI Developer
- IoT & Embedded Developer
- Core Developer
- Microsoft SDL Developer
- Python Developer
- Engineer
- DevOps Practitioner
- Q/A Test Engineer
- Embedded Test Engineer
- Architect
- Embedded Architect
- Software Architect
- Admin
- Database Administrator
- Other
- Application Security Champion
- Information Security Specialist
Related Subject Matter
Foreign Languages Available:
- Chinese (S)
- English
- French (CF)
- Spanish (LA)
Course Overview
Application developers have a variety of tools at their disposal to identify flaws in their software. However, many of them cannot be used until late in the development lifecycle: dynamic analysis tools require a staging site and sample data, and some static analysis tools require a compiled build. In contrast, manual code reviews can begin at any time leveraging secure coding knowledge. Because manual security code reviews can be laborious if done inefficiently, this course focuses on time saving but effective techniques.
Topics include:
- How to organize and approach code reviews
- Prioritizing code segments to be reviewed
- Maximizing security resources