One of the often overlooked aspects of security is code review. Here is a free security code review tool. I have taken the time to try it, but that shouldn’t stop you from giving it a whirl.
From Security Ninja:
So what does Agnitio do to address these integrity concerns? Agnitio will remove the need to use notepad files for notes and it will produce reports for any applications that have been reviewed with the tool. It will make reviewers think about the application they are reviewing and the real risk associated with any findings.
Agnitio forces a reviewer to follow a checklist for each code review, meaning a consistent approach to reviewing source code for security flaws is followed. To ensure the reviewer is really thinking about the application being reviewed, Agnitio requires the reviewer to either create an application profile or select an existing profile before any checklist items can be answered.
You can download the tool here.
(Image used under CC from shironekoeuro)