Security code reviews are similar to regular code reviews or inspections, except that they focus on identifying coding flaws that can lead to security vulnerabilities. An added benefit is that eliminating security flaws often makes your code more robust.
This chapter has shown you how to review managed code for top security issues, including XSS, SQL injection, and buffer overflows. It has also shown you how to identify other, more subtle flaws that can lead to security vulnerabilities and successful attacks.
Security code reviews are not a panacea. However, they can be very effective and should feature as a regular milestone in the development life cycle.