Our guest for this episode of the OWASP DevSlop Show is Paul Ionescu; Paul is a Security Architect and OWASP Chapter Leader from Ottawa, Canada. He is the creator and maintainer of the Secure Coding Dojo open source project.
Code review is, hopefully, part of regular development practices for any organization. Adding security elements to code review is the most effective measure in preventing vulnerabilities, even before the first commit.
This video is an introduction to secure code review. Thankfully, Paul produced many more resources to get you started.
Visit Paul’s Medium Blog
Medium article: / security-code-review-101
Visit the Secure Coding Dojo to practice your skills
Secure Coding Dojo Github: github.com/trendmicro/SecureC...
More resources are available here:
SlideShare: www.slideshare.net/PaulIonesc...
Attack-Grams article with the visualizations for the attacks: / attack-grams