Project Application Security Review Mentoring

greggles's picture

I feel like there are people who feel comfortable doing the regular review, but not the security review portion of a typical review. So, I'd like to share with some folks how I tend to do that in one-on-one sessions. I hope that by doing these one-on-one it will provide more confidence to those folks than a blog post or screencasts or whatever might do.

My expectation is, of course, that those people will then continue doing security reviews for projects, especially those in the rtbc or needs review queues.

  • Do a review (or more than one!) - here is how
  • I expect you've already read writing secure code and/or Cracking Drupal
  • Send me a contact that includes links to those reviews.
  • Include some times that you are available when I might be available. I'm usually ready to work by 9AM New York time and stop around 19:30 New York time)
  • Include your skype username