Sample Secure Code Review Report

January 2014
A Secure Code Review is a specialized task with the goal of identifying types of weaknesses that exist within a given code base. The task involves both manual and automated review of the underlying source code and identifies specific issues that may be representative of broader classes of weakness inherent in the code. A Secure Code Review does not attempt to identify every issue in the code, but instead attempts to identify types of risk within the code such that mitigation strategies can be devised.
