What is a Secure Code Review?
A Secure Code Review is the process of inspecting software and its source code to assess coding practices and to validate that sufficient security controls are present and work as intended.
Types of Secure Code Reviews & Analysis
Static Code Analysis
Also referred to as Static Application Security Testing (SAST), this type of analysis examines the code in a non-runtime environment (without executing any of it) to identify security issues in the code itself, such as SQL Injection and Cross-Site Scripting.