Simple Patterns for Complex Secure Code Reviews - Louis Nyffenegger - ASW #337 episode artwork

EPISODE · Jul 1, 2025 · 38 MIN

Simple Patterns for Complex Secure Code Reviews - Louis Nyffenegger - ASW #337

from Security Weekly Podcast Network (Video)

Manual secure code reviews can be tedious and time intensive if you're just going through checklists. There's plenty of room for linters and compilers and all the grep-like tools to find flaws. Louis Nyffenegger describes the steps of a successful code review process. It's a process that starts with understanding code, which can even benefit from an LLM assistant, and then applies that understanding to a search for developer patterns that lead to common mistakes like mishandling data, not enforcing a control flow, or not defending against unexpected application states. He explains how finding those kinds of more impactful bugs are rewarding for the reviewer and valuable to the code owner. It involves reading a lot of code, but Louis offers tips on how to keep notes, keep an app's context in mind, and keep code secure. Segment Resources: https://pentesterlab.com/live-training/ https://pentesterlab.com/appsecschool https://deepwiki.com https://daniel.haxx.se/blog/2025/05/29/decomplexification/ Show Notes: https://securityweekly.com/asw-337

NOW PLAYING

Simple Patterns for Complex Secure Code Reviews - Louis Nyffenegger - ASW #337

0:00 38:26

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Security Weekly Podcast Network (Video)?

This episode is 38 minutes long.

When was this Security Weekly Podcast Network (Video) episode published?

This episode was published on July 1, 2025.

What is this episode about?

Manual secure code reviews can be tedious and time intensive if you're just going through checklists. There's plenty of room for linters and compilers and all the grep-like tools to find flaws. Louis Nyffenegger describes the steps of a successful...

Can I download this Security Weekly Podcast Network (Video) episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!