One of the key aspects of secured application development practice is Security code review. Security code review, as like normal code review, could be done either in automated fashion using one or more tools, or in manual fashion where one or more developers are involved in doing code review. Unlike application normal code review where one needs the knowledge of business functionality and programming language & related technologies’ knowledge, Security code review requires knowledge on different aspects of security including some of the following:
To be able to do effective security code review, one may be required to adopt top-down approach where he/she may be required to know the details of use-case and drill down further. Perform some of the following activities while doing security code review:
This kind of decomposition belongs to threat modeling based on data flow diagrams (DFD).
Thus, honestly speaking, this would require a minimum level of application security training for the developers to be able to perform effective security code review.
Watch out this space for more.
In recent years, artificial intelligence (AI) has evolved to include more sophisticated and capable agents,…
Adaptive learning helps in tailoring learning experiences to fit the unique needs of each student.…
With the increasing demand for more powerful machine learning (ML) systems that can handle diverse…
Anxiety is a common mental health condition that affects millions of people around the world.…
In machine learning, confounder features or variables can significantly affect the accuracy and validity of…
Last updated: 26 Sept, 2024 Credit card fraud detection is a major concern for credit…