Have you seen it? OWASP recently released their Code Review Guide to the general public for download! I’m very happy to say that one of our own consultants was a contributing author, Jenelle (Chapman) Davis!
This book goes through the basics of preparing for a review, understanding how threats may present themselves, to the more advanced topics of reviewing code for technical controls, to even giving suggestions for common languages or platforms on where to start. If you are interested in code review, you should understand the concepts in this book at a minimum. Slowly, but surely, we’re starting to see more and more information be made available on this topic, and hopefully this will begin to spread around the desire for this type of service.
Possibly Related Posts:
- Selective Domain Filtering with Postfix and a SPAM Filtering Service
- Preventing Account Takeover, Enable MFA!
- Proofpoint Patches URL Sandbox Bypass Bug
- Improve Outbound Email with SPF, DKIM, and DMARC
- Life after G-Suite/Postini