Blog Stats
  • Posts - 14
  • Articles - 2
  • Comments - 5
  • Trackbacks - 5

 

<< One-click attack:How to prevent them? | Home | Security Enhancements in .NET framework 2.0 >>

Basic questions for Security Code Review

Following are the main areas to look for security code review:

  1. SQL injection
  2. CSS
  3. Data Access
  4. Input/Data Validation
  5. Authentication
  6. Authorization
  7. Sensitive data
  8. Unsafe code
  9. Unmanaged code
  10. Hard-coded secrets
  11. Poor error handling
  12. Web.config
  13. CAS
  14. Cryptography
  15. Undocumented public interfaces
  16. Thread Racing problems

For details look into Security Engineering Explained by MS Patterns and Practises !!

 

Print posted @ Sunday, September 03, 2006 10:20 AM

Feedback

No comments posted yet.

Post a comment





 

 

 

Copyright © Parmeshwar Arewar