Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/juligaioso/awesome-secure-code-review
List: awesome-secure-code-review
Last synced: 8 days ago
- Host: GitHub
- URL: https://github.com/juligaioso/awesome-secure-code-review
- Owner: juligaioso
- License: cc0-1.0
- Created: 2024-01-21T18:34:16.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2024-02-12T23:00:13.000Z (9 months ago)
- Last Synced: 2024-05-23T03:05:55.696Z (6 months ago)
- Size: 49.8 KB
- Stars: 41
- Watchers: 1
- Forks: 3
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# awesome-secure-code-review
# Awesome Secure Code Review
> A curated list of tools, articles, books, and any other resource related to [Secure Code Review](https://www.synopsys.com/glossary/what-is-code-review.html#:~:text=Secure%20code%20review%20is%20a,style%20guidelines%2C%20among%20other%20activities.)
Please note that this is a bilingual repository, so not all of the content is in English. Next to each item, its language is indicated in brackets.
## Contents
- [Articles](#articles)
- [Learn](#learn)
- [Talks](#talks)
- [Tools](#tools)
- [License](#license)
## Articles
- [A Comprehensive Guide to Secure Code Review](https://medium.com/@krunal-kawa/a-comprehensive-guide-to-secure-code-review-529e31897b53) [EN]
- [How to conduct a secure code review](https://www.techtarget.com/searchsecurity/tip/How-to-conduct-a-secure-code-review) [EN]
- [Secure Code Review Best Practices [cheat sheet included]](https://blog.gitguardian.com/secure-code-review-cheat-sheet-included/) [EN]
- [The developer's guide to a secure code review](https://www.tabnine.com/blog/the-developers-guide-to-a-secure-code-review/) [EN]
- [What Is Secure Code Review? Process, Tools, and Best Practices](https://www.aquasec.com/cloud-native-academy/devsecops/secure-code-review/) [EN]
## Learn
- [Documentação de desenvolvimento seguro - Microsoft](https://learn.microsoft.com/pt-br/azure/security/develop/) [Free]
- [SecureFlag](https://www.secureflag.com/) [Pay - Owasp Member]
## Talks
- [How to conduct a basic security code review | Vickie Li](https://www.youtube.com/watch?v=e52nVG7wR2Q) [EN]
- [In code review we trust! Finding security bugs | Helena Carreço](https://www.youtube.com/watch?v=gewNYKjYybA&t=5586s) [PT/BR]
- [How to Analyze Code for Vulnerabilities | Vickie Li](https://www.youtube.com/watch?v=A8CNysN-lOM) [EN]
## Tools
- [Checkmarx](https://checkmarx.com/) [Pay]
- [Horus](https://horusec.io/site/) [OpenSource]
- [Safety](https://safetycli.com/product/safety-cli?utm_source=pyupio&utm_medium=redirect&utm_campaign=pyup_rd&utm_id=0817&utm_content=marketing) [OpenSource]
- [Semgrep](https://semgrep.dev/) [Pay]
- [ShiftLeft Scan](https://github.com/ShiftLeftSecurity/sast-scan) [OpenSource]
- [Snyk](https://snyk.io/pt-BR/) [Pay]
- [Veracode](https://www.veracode.com/) [Pay]
## License
[![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](http://creativecommons.org/publicdomain/zero/1.0)