
Posts

Showing posts from January, 2021

Software Security Testing Part - IV

Demo Code Review

Introduction

Welcome to the fourth module of the software security testing workshop. In this workshop so far we have spoken at length about security testing of software code, methodologies and the different types of software testing, along with an introduction to the different tools that are readily available in the industry. However, so far we have not presented a practical demo of performing a code review.

This will be a quick module to demonstrate how you can perform code reviews before you put your code live. We will be using Flawfinder as our tool to review code written in the "C" language.

What is Flawfinder?

Flawfinder is an open source security code review tool that can be downloaded from the Internet in one quick go.

Vendor's mouth

"A simple program that examines C/C++ source code and reports possible security weaknesses ("flaws") sorted by risk level. It's very useful for quickly finding and removing at least some potential secu

Software Security Testing Part - III

Source Code Review Tools & Techniques

Introduction

Welcome to the third module of the software security testing workshop. This module will specifically discuss tools available on the Internet for performing security source code review, or simply code review. These tools are not easy to use and understand: it is not a script kiddie job to simply run them and detect a vulnerability, and you need a solid background in programming to understand what the tool is highlighting as a flaw and what the outcome of a complete review could be.

This module is an easy read, as it will talk about the different tools and show some snapshots. It can be studied separately to gain more knowledge about source code review tools and their features. In this module, we will speak about and review these tools.

In today's field of information security, one of the fastest growing areas in the software security industry is source code analysis tools, also known as static analysis tools. These tools