Basics of Source Code Review

Gupta Bless
5 min readOct 16, 2021
Photo by Mohammad Rahmani on Unsplash

Introduction

Source Code Review plays a vital role in securing any system or application in its initial stage. In this security experts know programming and cybersecurity better perform the review of the code in order to look for the vulnerabilities in the source code.

It can be manual or automated depending on the organization and their approach. The main aim is to identify the vulnerabilities in the source code in the initial stages of SDLC. Experts look for logical vulnerabilities, Input validation issues, and many more as per OWASP top 10. Let’s discuss in detail how the auditing is being done and what are the issues that are mostly flagged by the team.

Note: Basic Knowledge of programming is necessary for it. Here I am explaining Source code review based on PHP.

Input Validation?

Structured Query Language Injection / SQLI:

This is the most severe issue web application; where unsanitized user input is directly transferred to the SQL queries and due to it the attacker is able to execute the arbitrary SQL queries in the database. It can lead to full…

--

--

Gupta Bless
Gupta Bless

Written by Gupta Bless

Security enthusiast working to secure web for others.

No responses yet