How to Review Code for Security Issues
Offered By: DevSecCon via YouTube
Course Description
Overview
Learn how to effectively review code for security vulnerabilities in this 17-minute conference talk by Rouan Wilsenach at DevSecCon. Discover eight essential questions to ask during code reviews to identify common security issues before they reach production. Gain insights from Wilsenach, a Technical Leader and Software Engineer, as he shares his expertise in building outstanding teams and high-quality software. Explore topics such as input validation, authorization vulnerabilities, asset changes, data leakage prevention, API security, dependency management, and configuration best practices. Equip yourself with practical tips and examples to enhance your code review process and strengthen your application's security posture.
Syllabus
Intro
Relying on code review
Pay attention to where the input is going
Triple A checks
Authorization related vulnerability
Have the assets changed
Example
Leaking data
API security
New dependencies
Net example
Misconfiguration
AWS buckets
Caching
Tips
Recap
Outro
Taught by
DevSecCon
Related Courses
DevOps CI/CD Pipeline: Automation from development to deployment (Universidad Anáhuac via edX)
DevOps Pipeline: Automatización hasta el despliegue (Universidad Anáhuac via edX)
Exploring the Benefits of Continuous Security and Compliance for Cloud Infrastructure (Pluralsight)
Integrating Incident Response into DevSecOps (Pluralsight)
DevSecOps: Building a Secure Continuous Delivery Pipeline (LinkedIn Learning)