Code Review


Code review may be especially productive for identifying security vulnerabilities. Specialized tools are available that can help with this process: automated code review makes it possible to test source code systematically for potential trouble such as buffer overflows, race conditions, memory leaks, size violations, and duplicate statements.

A Code Review focuses on a piece of software's design, implementation, usefulness in fixing a stated problem, and fit within its module. Our reviewer has domain expertise in the problem area, draws on his or her other areas of expertise, and comments on other possible improvements. There are no inherent limitations on what comments a reviewer might make about improving the code.
Our Reviewers read the code line by line to check for:

  • Flaws or potential flaws
  • Consistency with the overall program design
  • Adherence to coding standards.

Our Reviewers will probably look at the following areas of the code:

  • “Goal” review: is the issue being fixed actually a bug? Does the patch fix the fundamental problem?
  • API/design review. Because APIs define the interactions between modules, they need special care. Review is especially important to keep APIs balanced and targeted, neither too specific nor over-designed. There are also specific API change rules that must be followed.
  • Maintainability review. Code which is unreadable is impossible to maintain. If the reviewer has to ask questions about the purpose of a piece of code, then it is probably not documented well enough. Does the code follow the coding style guide?
  • Security review. Does the design use security concepts such as input sanitizers, wrappers, and other techniques? Does this code need additional security testing such as fuzz-testing or static analysis?
  • Integration review. Does this code work properly with other modules? Is it localized properly? Does it have server dependencies? Does it have user documentation?
  • Testing review. Are there tests for correct function? Are there tests for error conditions and incorrect inputs which could happen during operation?
  • Standards review. Does the code follow the selected standards?
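As an added illustration of what the security and testing items on this list look like in practice, here is a small C example written for this page (it is not Cyber Law Consulting's code or any client's). The record type `user_record`, the constant `NAME_MAX` and the functions `set_name_unchecked`, `set_name_checked`, `check_name_fits` and `review_tests_pass` are all hypothetical. It shows the kind of buffer-overflow finding a line-by-line reviewer raises, the bounds-checked replacement the reviewer would ask for, and the tests for correct function, error conditions and incorrect input that the testing review expects to exist.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Added example, not code from Cyber Law Consulting or any client: a
 * hypothetical record type whose name field is filled from untrusted input. */
#define NAME_MAX 16

struct user_record {
    char name[NAME_MAX];   /* fixed-size buffer: the reviewer asks "who bounds it?" */
    int  id;               /* sits right after `name` in memory */
};

/* BEFORE: the flaw a line-by-line reviewer flags. strcpy() copies until it
 * finds '\0' and never looks at the destination size, so any name of
 * NAME_MAX bytes or more overwrites `id` and whatever follows (a classic
 * buffer overflow). Kept here only as the review finding; the checks below
 * never call it with oversized input. */
int set_name_unchecked(struct user_record *rec, const char *name)
{
    strcpy(rec->name, name);
    return 0;
}

/* AFTER: the hardened version a reviewer would ask for. It validates its
 * arguments, measures the input without reading past NAME_MAX bytes, refuses
 * input that cannot fit together with its terminator (returning a distinct
 * error rather than truncating silently), and always leaves `name`
 * NUL-terminated. */
int set_name_checked(struct user_record *rec, const char *name)
{
    if (rec == NULL || name == NULL)
        return -EINVAL;

    size_t len = 0;
    while (len < NAME_MAX && name[len] != '\0')   /* bounded scan */
        len++;
    if (len >= NAME_MAX)
        return -ENAMETOOLONG;                     /* no room for '\0' */

    memcpy(rec->name, name, len + 1);             /* copies the terminator too */
    return 0;
}

/* Test helper covering the "testing review" checklist: correct function,
 * error conditions and incorrect input. Returns the status set_name_checked()
 * produced, or -1 if a successful copy disturbed the neighbouring `id` field
 * or stored something other than the input. */
int check_name_fits(const char *name)
{
    struct user_record rec = { "", 42 };
    int rc = set_name_checked(&rec, name);
    if (rc == 0 && (rec.id != 42 || strcmp(rec.name, name) != 0))
        return -1;
    return rc;
}

/* Runs the cases a reviewer expects to see tested; returns 1 if all hold. */
int review_tests_pass(void)
{
    return check_name_fits("alice") == 0                        /* normal input */
        && check_name_fits("exactly15chars!") == 0              /* boundary: 15 + '\0' fits */
        && check_name_fits("sixteen_chars_ab") == -ENAMETOOLONG /* boundary: 16 does not */
        && check_name_fits(NULL) == -EINVAL;                    /* incorrect input */
}

int main(void)
{
    int ok = review_tests_pass();
    printf("review tests %s\n", ok ? "pass" : "FAIL");
    return ok ? 0 : 1;
}
```

The two boundary strings are the cases a reviewer specifically looks for: the off-by-one at exactly `NAME_MAX - 1` characters, which must succeed, and `NAME_MAX` characters, which must be rejected with an error the caller can distinguish from success.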
 
 