Security Reviews: The Heuristics Zoo, Part 2/2

Introduction (Part I)
The Heuristics Zoo, Part 1/2

Note: standard Disclaimer expressed in Part I applies here as well.

Heuristic 5: “Area Expertise” and “Penetration Testing”

These two seemingly different techniques share a lot in how they approach managing the complexity of security reviews, so I will consider them together. “Area Expertise” is simply learning….


Security Reviews: The Heuristics Zoo, Part 1/2

Initially meant to fit into one chapter, this text grew quickly and I had to split it into two. So there will be four parts of the article in total. Introduction (or Part I) is here. <Disclaimer>By no means is this list “complete”. I think every security person on the planet can add a couple extra good…


Practice and Theory of Security Reviews

Click here if you want to skip all the theory and just go to the Security Reviews Heuristics Zoo. If you are a software security professional, you might’ve been asked sometimes to conduct a “security design review”. If you felt lost at that point, this article may help you. Here I tried to summarize my…
