Secure Code Review

Who should attend?

  • Software Designers
  • Application Developers
  • Testers
  • Security Team
  • IT Managers
  • Chief Information Officer 
  • Senior Management
Introduction to Secure Code Review
  • Introduction and Preparation
  • Secure code review in SDLC
  • Application threat modeling code review
  • DevSecOps
  • Agile methodology
  • Crawling code
Static and Dynamic Application Security Testing
Code Review and PCI DSS Audit Control
  • Authentication
  • Authorization
  • Session Management
  • Input Validation
  • Error handling
  • Secure application Deployment
  • Cryptographic Controls
  • Buffer Overruns and Overflows
  • SQL Injection
  • Data validation
  • Cross-site scripting
  • Cross-site request forgery
  • Logging issues
  • Session Integrity issues
  • Race conditions
Additional Security Considerations
  • Java Gotchas 
  • Java Security Practice
  • ASP Design Mistakes
  • PHP Security Practice
  • Audit MySQL Security
  • Audit Flash Applications
  • Audit Web Services
Code Review Backdoor
Secure Code Review Best Practices
Application Security Scanning Technologies