Application Security HowTo: Ken’s Secure-Code Review of an application codebase
Video: http://youtube.com/watch?v=f6UOBCJ9pjw
In this video, Ken Johnson (@cktricky on Twitter) demonstrates the Absolute AppSec Methodology for Secure-Code Review on an application codebase (i.e., Vulnerable Task Manager: https://github.com/redpointsec/vtm). The walkthrough illustrates how to organize a secure-code review by: information gathering for an unknown Django application; digging through source files to tease out promising testing avenues; and overall prioritizing routes for review.

• It distills elements of secure-code review into a relatively short one-hour-and-twenty-minute demonstration.
• In their Secure-Code Review courses, Seth and Ken use this walkthrough to highlight the principles discussed in the first day or two of the course. They typically follow the walkthrough with an exercise where students apply the methodology to their own application source code in a workshop format.
• To learn more about the Absolute AppSec Secure-Code Review method, check out the discussion in our related blog post, which includes links to more resources: https://absoluteappsec.com/blog/Secur...