Code Review for Security

Code Review as a Security Tool

What should you be looking for in code reviews that affect security?

Sending sensitive data over insecure network interfaces

Code style

Checks for authentication

Logging of passwords or sensitive information

Confusing or unclear code

Tests covering security principals

Brand and style guide usage

SOLUTION: