Code Review Lab — practice secure code review
loading…
Code review is a skill.
Practice it.
Build the instinct that catches vulnerabilities in review.
loading daily challenge…
Build the instinct that catches vulnerabilities in review.
Build the instinct that catches vulnerabilities in review. Hands-on challenges in real production code.
VoltCharge is a Spring Boot portal where EV drivers manage their charging subscription and the email address tied to their account. Sessions ride on a standard JSESSIONID cookie, and a simple HTML form POSTs to /account/email to change the contact address. Review the Spring Security configuration and the account controller to see whether state-changing requests are properly protected.
“We dropped Code Review Lab into our security training rotation. Two weeks later our engineers were catching things in PR review we'd historically missed.”