Back To Schedule
Thursday, May 16 • 3:10pm - 4:00pm
Why a Manual Code Review Might Be One of the Best Investment You Can Make

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Of all the topics related to application security, manual code review is probably one of the least popular. In the days of automation and fast paced delivery, who wants to sit down and go through tens of thousands of lines of code to search for a vulnerability? It's a long and tedious task - and it has been replaced by static application security testing.
Or has it?

In this presentation, you will learn about the advantages of doing a proper code review early in the development process. We will break this task into short and manageable iterations, each adapted to a given phase of application development. You will learn about the required skillset, useful shortcuts to speed up the process, and where code review fits in relation to other application security tools and techniques.
By the end of this presentation, it will be clear why a manual code review might very well be the one of the best investment you can make in your application security program.

avatar for David Caissy

David Caissy

Penetration Tester and Trainer, TRM Technologies Inc.
David Caissy, M. Sc., OSCP, GWAPT, GPEN, GSEC, CISSP, CEH is a web application penetration tester with in-depth developer and IT Security background spanning over 18 years. He has extensive experience in conducting vulnerability assessments and penetration tests as well as providing... Read More →

Thursday May 16, 2019 3:10pm - 4:00pm PDT
Terrace Lounge