awesome-secure-code-review

Awesome Secure Code Review

A curated list of tools, articles, books, and any other resource related to Secure Code Review

Please, note this is a bilingual repository, so not all the content is made in english. In front of the content, the language of the content will be indicate under brackets.

Contents

• Articles
• Learn
• Talks
• Tools
• License

Articles

• A Comprehensive Guide to Secure Code Review [EN]
• How to conduct a secure code review [EN]
• Secure Code Review Best Practices [cheat sheet included] [EN]
• The developer's guite to a secure code review [EN]
• What Is Secure Code Review? Process, Tools, and Best Practices [EN]

Learn

• Documentação de desenvolvimento seguro - Microsoft [Free]
• SecureFlag [Pay - Owasp Member]

Talks

• How to conduct a basic security code review | Vickie Li [EN]
• In code review we trust! Finding security bugs | Helena Carreço [PT/BR]
• How to Analyze Code for Vulnerabilities | Vickie Li [EN]

Tools

• Checkmarx [Pay]
• Horus [OpenSource]
• Safety [OpenSource]
• Semgrep [Pay]
• ShiftLeft Scan [OpenSource]
• Snyk [Pay]
• Veracode [Pay]

License