ENG 312 – How to Perform a Security Code Review (UPDATED)

Course Overview

Automated tools have limitations—manual code reviews remain a vital way to catch security issues early in the development lifecycle. Aligned with best practices from OWASP and the MITRE Corporation; this course introduces efficient, effective techniques for performing security code reviews, helping developers identify flaws without relying solely on tooling or compiled builds.

After completing this course, learners will have the knowledge and skills to:

• List the benefits of security code review
• Describe best practices and steps for performing reviews
• Explain the strengths and limitations of static analysis
• Use data flow and control flow analyses in secure code review