A code review, or audit, investigates the coding practices used in the application. The main objective of such reviews is to discover security defects and potentially identify solutions.

Source: NIST SP 800-95 | Category: