Security Inspections

A security inspection is a focused check against criteria. In practice, there are three types of inspections: design, code, and deployment inspections. Design inspections help identify key engineering issues that have cascading impact. Code inspections catch implementation issues. Deployment inspections catch runtime and configuration issues. During inspections, you check both whether good practices are implemented, and bad practices are avoided.

Getting Started

• At a Glance: Security Inspections

Techniques

• Security Design Inspection
• Security Code Inspection
• Security Deployment Inspection

Design Inspection Questions

• Web Application Security Design Inspection Questions

Code Inspection Questions

• .NET Framework 2.0 Security Inspection Questions
• ASP.NET 2.0 Security Inspection Questions