A Process for Performing Security Code Reviews
July/August 2006 (vol. 4 no. 4)
pp. 74-79
Michael Howard, Microsoft
No one really likes reviewing source code for security vulnerabilities, but it's a critical component of shipping secure software. Howard describes his approach to tackling the process. It won't identify all security vulnerabilities in your code, but it's effective for scanning large amounts of code quickly for common issues and reviewing risky code in greater depth.
Index Terms:
code review, security vulnerabilities, secure code
Citation:
Michael Howard, "A Process for Performing Security Code Reviews," IEEE Security & Privacy, vol. 4, no. 4, pp. 74-79, July-Aug. 2006, doi:10.1109/MSP.2006.84