Explore effective code review practices in this conference talk from BSides Nashville 2017. Learn about the importance of code reviews, techniques for identifying vulnerabilities like SQL injection and cross-site scripting, and best practices for validation and unit testing. Gain insights on using appropriate tools, maintaining code quality, and implementing OWASP guidelines. Discover practical tips for conducting thorough code reviews and improving overall software security.
Overview
Syllabus
Intro
Disclaimer
About Ryan
Agenda
Ryans story
What is a code review
Getting your eyes on the code
What do you use
What to look for
Sequel Injection
Validation
Unit Tests
Crosssite scripting
correctness
tools
not panic
fix
maintenance
final tips
WASP
Special Thanks
Questions
