Loading…
Thank you for joining us at our 20th Anniversary Event! All sessions were recorded and will be posted in the coming weeks on the OWASP YouTube channel.

We have been working hard to secure the world through challenges and discovery. And now, it’s time to celebrate! Many of you have played a crucial role in the Foundation’s enduring history, and we encourage you to participate in the celebration coming this September! Our theme, Securing the Next 20 Years, is encouraging and exciting as we look ahead to the next 20 years!

Join us for FREE at this live 24-hour global event as we honor the past, celebrate the present, and embrace the future of OWASP and cybersecurity. Hear from world-renowned keynotes and special speakers, and network with your peers. It is FREE to attend, however, registration IS required, to gain access to the session links.

Back To Schedule
Friday, September 24 • 1:30pm - 2:00pm
How To Review Code For Vulnerabilities

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Abstract:
​Performing a source code review is one of the best ways to find security issues in an application. But how do you do it?

First, what are the main concepts that you should be familiar with before diving into code review? And where do you even start reviewing code? What strategies are there to identify different types of vulnerabilities? Are there any ways to automate the process?

In this talk, I will go through the basics of how to review an application’s source code to find vulnerabilities and introduce some strategies to review your application. You will also get the chance to practice reviewing a few pieces of code yourself. By the end of this presentation, you should be able to start identifying vulnerabilities in your applications!​​​

Speakers
avatar for Vickie Li

Vickie Li

Developer Evangelist, ShiftLeft Inc
Vickie Li is the resident developer evangelist at ShiftLeft. She is an experienced web developer with an avid interest in security research. She can be found on https://vickieli.dev, where she blogs about security news, techniques, and her latest bug bounty findings. She also hosts... Read More →


Friday September 24, 2021 1:30pm - 2:00pm EDT
On-Line