
How to Conduct a Code Review

Source: Security Innovation
A properly conducted code review can do more for the security of your application than nearly any other step. A large number of bugs can be found and fixed before the code makes it into an official build or into the hands of the test team. Additionally, the code review process lends itself very well to sharing security best practices amongst a development team, and it produces "lessons learned" toward preventing future bugs. This guide focuses on identifying the types of issues that you should look for in the code being reviewed, and then on finding these bugs as quickly and effectively as possible. It also describes how you can use threat models, architecture diagrams, and other inputs to help guide your review.





 

©2014 Technology Evaluation Centers Inc. All rights reserved.