Security Code Review in the SDLC

OWASP Code Review Guide Table of Contents

Preface
Code reviews vary widely in their level of formality. A review can be as informal as inviting a colleague to help look for a hard-to-find bug, or as formal as a software inspection process with trained teams, assigned roles and responsibilities, and a formal metrics and quality tracking program.

In Peer Reviews in Software, Karl Wiegers lists seven review processes from least to most formal:

 1) Ad hoc review
 2) Passaround
 3) Pair programming
 4) Walkthrough
 5) Team review
 6) Inspection