Transcription of OWASP CODE REVIEW GUIDE
OWASP Code Review Guide 2008

2002-2008 OWASP Foundation

This document is licensed under the Creative Commons Attribution Share Alike license. You must attribute your version to the OWASP Code Review Guide or the OWASP Foundation.

Table of Contents

Foreword by Jeff Williams, OWASP Chair
Welcome to the OWASP Code Review Guide
About The Open Web Application Security Project
Code Review Guide History
Introduction
Preparation
Security Code Review in the SDLC
Security Code Review Coverage
Application Threat Modeling
Code Review Metrics
Crawling Code
Searching for Code in J2EE/Java
Searching for Code in Classic ASP
Javascript / Web keywords and pointers
Code Review and PCI DSS
Reviewing by technical control: Authentication
Reviewing by technical control: Authorization
Reviewing by technical control: Session Management.
OWASP Code Review Guide V1.1 2008

ABOUT THE OPEN WEB APPLICATION SECURITY PROJECT

The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to develop,