[Owasp-codereview] How is code reviewing in the world?

Paolo Perego thesp0nge at gmail.com
Thu Feb 22 11:44:49 EST 2007

Hi there, I'm back from another presentation about code review and safe
coding... our customer seemed to be scared about these issues and more prone
to buy a "do-it-all" tool for code reviewing. So a question arises in my

How is code review approached by customers outside Italy? Do people *feel*
the need for a security consultant who can help them review their code?
Are customers aware that a code review team can give them some help during
the software development lifecycle, improving their applications' security?
How is the worldwide marketplace? Have you got some experience in doing
pre-sales meetings proposing code review? How does the customer feel about this?

I'm so disappointed by the Italian scene... the common approach is: give a
developer a tool (a cheap tool is better) and so the security is done... :(

Sorry for this long mail, but I have to know if I've got a wrong vision about
application security or if everybody in the world is scared of code
review and safe coding practices.


Different does not necessarily mean worse