Code Reviews Help Find and Fix Vulnerabilities in Your Apps

Small coding errors can result in critical vulnerabilities that compromise the security not just of entire systems, but of entire companies.

Security vulnerabilities are not typically caused by a single error, but rather by a sequence of errors during the course of development: a coding error is introduced, it goes undetected during the testing phases, and available defense mechanisms do not stop a successful attack.

In the November issue of MSDN Magazine, Michal Chmielewski, Neill Clift, Sergiusz Fonrobert, and Tomasz Ostwald discuss how you can implement manual security code reviews, as well as the advantages and disadvantages of security code reviews in the context of large software projects.

For more coverage of security development topics, subscribe to the security RSS feed for MSDN Magazine. 

 
