Chapter 4. Application Review Process

“Ah, my ridiculously circuitous plan is one quarter complete!”

Robot Devil, Futurama

Introduction

You no doubt purchased this book with the expectation of delving into the technical details of application security vulnerabilities, but first you need to understand the process of application review and its logistical and administrative details. After all, technical prowess doesn’t matter if a review is structured so poorly that it neglects the important application attack surface and vulnerable code paths. Having some degree of structured process in planning and carrying out an application assessment is essential. Of course, your review may have some unique requirements, but this chapter gives you a framework ...

Get The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.