How to Conduct a Code Review

Source: Security Innovation
A properly conducted code review can do more for the security of your application than nearly any other step. A large number of bugs can be found and fixed before the code makes it into an official build or into the hands of the test team. Additionally, the code review process lends itself very well to sharing security best practices among a development team, and it produces "lessons learned" toward preventing future bugs. This guide focuses on identifying the types of issues that you should look for in the code being reviewed, and then on finding these bugs as quickly and effectively as possible. It also describes how you can use threat models, architecture diagrams, and other inputs to help guide your review.



©2014 Technology Evaluation Centers Inc. All rights reserved.