Home
 > Research and Reports > White Papers > How to Conduct a Code Review

How to Conduct a Code Review

Source: Security Innovation
A properly conducted code review can do more for the security of your application than nearly any other step. A large numbers of bugs can be found and fixed before the code makes it into an official build or into the hands of the test team. Additionally, the code review process lends itself very well to sharing security best practices amongst a development team and it produces "lessons learned" toward preventing future bugs. This guide focuses on identifying the types of issues that you should look for in the code being reviewed, and then on finding these bugs as quickly and effectively as possible. It also describes how you can use threat models, architecture diagrams, and other inputs to help guide your review.


Featured publications:

Comparing the Total Cost of Ownership of Business Intelligence Solutions
Source: Birst For many companies, traditional business intelligence (BI) software is costly and resource-intensive. So are open source alternatives that require significant configuration and integration. In contrast, software-as-a-service (SaaS) solutions can reduce the cost of a BI deployment by providing automation and pre-integration. Compare total cost of ownership (TCO) for traditional, open source, and SaaS BI solutions. Read More...
SaaS and Cloud ERP Observations: Is Cloud ERP Right for You?
Source: Aberdeen Group Over the past six years, Aberdeen Group has been measuring organizations’ willingness to consider a software-as-a-service (SaaS) deployment model for their enterprise resource planning (ERP) software implementations. Using this research, Aberdeen has created a short report to help organizations as they review their options and provide key takeaways to consider during the process. Read More...
ERP in the Cloud and the Modern Business
Source: IDC Businesses are realizing that the cloud is the future of enterprise software and offers many attractive business benefits. But there is much to think about when evaluating the potential move to a cloud model, especially for core systems like ERP. Download this white paper to review IDC CloudTrack Survey findings, gain expert insight into the challenges and opportunities the cloud presents, and determine which deployment option could provide the biggest benefits for your organization. Read More...


You may also be interested in these related documents:

Why .NET Technology Is Important for ERP
Source: Aptean .NET technology is a wake-up call, and some people are sleeping through it! Remaining competitive means mission-critical software systems, such as enterprise resource planning (ERP) applications, must be designed from the ground up for connectivity and integration. But software developers don’t advertise their shortcomings, and some ERP vendors—and by association, their customers—are being left behind. Read More...
Compliance Exposures in ERP Systems Part 1
Source: West Trax Applications Ltd This paper examines key issues for CFOs and CEOs in managing ERP systems in the new world of SOX, IFRS, Basle II. While most IT management attention seems to be on document retention, reporting quality, and security, there are broader issues to be considered toward ensuring good governance and compliance with regulations such as Sarbanes-Oxley, IFRS and Basle II. Read More...
Code Signing Certificates - Secure Delivery of Code and Content to Browsers
Source: Thawte thawte's Code Signing certificate confirms publisher details and content integrity of downloadable code. It is strongly recommended for any publisher who plans to distribute code or content over the Internet or corporate extranets. Find out how your signature is verified and how customers can confidently and safely download applets, plug-ins, or macros from your site. Read More...

 
comments powered by Disqus



Recent Searches
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Others

©2014 Technology Evaluation Centers Inc. All rights reserved.