Code Review Lab — practice secure code review
loading…
Code review is a skill.
Practice it.
Build the instinct that catches vulnerabilities in review.
loading daily challenge…
Build the instinct that catches vulnerabilities in review.
Build the instinct that catches vulnerabilities in review. Hands-on challenges in real production code.
Review the code for FileRight, an online tax filing service built with Ruby on Rails. The platform allows users to save tax drafts and submit their returns electronically. The development team recently implemented a draft management system that stores user tax data in sessions for quick retrieval. Examine how draft data is accessed and managed to ensure proper isolation between user accounts.
“We dropped Code Review Lab into our security training rotation. Two weeks later our engineers were catching things in PR review we'd historically missed.”