Saturday, April 4, 2009

OWASP Releases Code Review Guide

| Brett D. Arion |
The Open Web Application Security Project (OWASP) released a new (and FREE) 216 page guide on how to review application code for vulnerabilities. Below is the project description for the Code Review Guide:

OWASP Code Review Guide V1.1
Short Project Description The code review guide is currently at release version 1.1 and the second best selling OWASP book in 2008. Many positive comments have been feedback regarding this initial version and believe it’s a key enabler for the OWASP fight against software insecurity. It has even inspired individuals to build tools based on its information. The combination of a book on secure code review and tools to support such an activity is very powerful as it gives the developer community a place to start regarding secure application development.

Going forward I hope to further integrate with the ASVS and other guides such as the testing and ASDR guides shall be perfromed for version 2.0

The book is available for FREE here....

Free Security Magazines