Top ten tips for hiring security code reviewers
Having first built and then ran a sizeable team doing this work at Foundstone I thought I would chip in with my 2 Euroís worth.
These tips are based on my experiences and observations of interviewing, hiring and managing these folks as well as being a consumer in previous jobs. Code review is set to explode now the PCI have foolishly comparing a code review to a web app firewall.
At Security Buddha.
[ Read more ]