Audit your code for security problems

If you're a developer who has joined a development project already in progress or have decided to use third-party code, or if you're an administrator who is worried about the quality of code your internal developers are putting on your system, then you need a way to quickly and efficiently review the code for problems. Fortunately, you don't have to be a programmer extraordinaire to perform a basic code review. In this sample chapter from Developer's Guide to Web Application Security, learn how to take an already-developed piece of code and determine whether it has fundamental security problems. Chapter coverage includes:

• Efficiently tracing through a program
• Auditing and reviewing selected programming languages
• Looking for vulnerabilities
• Pulling it all together

Title: Developer's Guide to Web Application Security
ISBN: 159749061X
Published: February 2005
Authors: Michael Cross
Chapter: Chapter 6: Code Auditing and Reverse Engineering
Published by Syngress Publishing