Welcome to the second edition of the OWASP Code Review Guide Project. The second edition brings the successful OWASP Code Review Guide up to date with current threats and countermeasures. This version also includes new content refecting the OWASP communities’ experiences of secure code review best practices.

The Second Edition of the Code Review Guide has been developed to advise software developers and management on the best practices in secure code review, and how it can be used within a secure software development life-cycle (S-SDLC). The guide begins with sections that introduce the reader to secure code review and how it can be introduced into a company’s S-SDLC. It then concentrates on specifc technical subjects and provides examples of what a reviewer should look for when reviewing technical code.