Chapter 4. Application Review Process

“Ah, my ridiculously circuitous plan is one quarter complete!”

Robot Devil, Futurama


You no doubt purchased this book with the expectation of delving into the technical details of application security vulnerabilities, but first you need to understand the process of application review and its logistical and administrative details. After all, technical prowess doesn’t matter if a review is structured so poorly that it neglects the important application attack surface and vulnerable code paths. Having some degree of structured process in planning and carrying out an application assessment is essential. Of course, your review may have some unique requirements, but this chapter gives you a framework ...

Get The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.