Overview


Code reviews should be a regular part of your development process. Security code reviews focus on identifying insecure coding techniques and vulnerabilities that could lead to security issues. The review goal is to identify as many potential security vulnerabilities as possible before the code is deployed. The cost and effort of fixing security flaws at development time is far less than fixing them later in the product deployment cycle.

This chapter helps you review managed ASP.NET Web application code built using the Microsoft .NET Framework. In addition, it covers reviewing calls to unmanaged code. The chapter is organized by functional area, and includes sections that present general code review questions applicable to all types of managed code as well as sections that focus on specific types of code such as Web services, serviced components, data access components, and so on.

This chapter shows the questions to ask to expose potential security vulnerabilities. You can find solutions to these questions in the individual building chapters in Part III of this guide. You can also use the code review checklists in the "Checklists" section of the guide to help you during the review process.




Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613
