Code Reviewing Strategies

From OWASP
Revision as of 16:40, 27 September 2010 by Mark.bristow



Registration | Hotel | Walter E. Washington Convention Center

The presentation

Looking at the source of an application that's over 100k lines of code can be an overwhelming experience. Without a practical plan of approach, it's easy to get lost and fail to provide a comprehensive review of the application.

This talk will outline a variety of strategies that help focus and guide the reviewer through the challenges faced in source code auditing. Specific topics will cover comprehensive code reviews, auditing for specific vulnerabilities, design review, hybrid approaches, and the OWASP code review guidelines.

Additionally, a new strategy for source code review will be outlined to provide a practical means of focusing a code review effort.

Andrew Wilson

Speaker bio will be posted shortly.