Implementation review involves the following key activities in a development team:
- Secure coding
- Selection of reliable and secure third-party components
- Secure configuration
Since we will discuss secure configuration in a later section, let's focus on third-party components and secure coding in this section. Automated secure code scanning is considered the most efficient way to review. There are some different technical approaches for secure code review.