Shostack + Friends Blog Archive

 

Performing Code Reviews

My co-worker Mike Howard has a really good article on “A Process for Performing Security Code Reviews” [link to http://www.computer.org/portal/site/security/menuitem.6f7b2414551cb84651286b108bcd45f3/index.jsp?&pName=security_level1_article&TheCat=1001&path=security/2006/v4n4&file=basic.xml no longer works] in IEEE Security & Privacy. It’s chock full of useful advice.