Title :
A process for performing security code reviews
Author :
Howard, Michael A.
Author_Institution :
Security Eng., Microsoft, Redmond, WA
Abstract :
No one really likes reviewing source code for security vulnerabilities; it's slow, tedious, and mind-numbingly boring. Yet, code review is a critical component of shipping secure software to customers. Neglecting it isn't an option.
Keywords :
program debugging; program diagnostics; security of data; security code reviews; security vulnerabilities; Computer bugs; Computer security; Data analysis; Data security; History; Java; Performance analysis; Privacy; Software tools; Wildlife; code review; secure code
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2006.84