Code review is a process that occurs before a code change gets committed to the software. Imparting security elements to the code review is the most effective action in preventing vulnerabilities. OWASP Top 10 and MITRE Top 25 incorporate the lists of common programming security-related weaknesses or flaws helping to identify every issue in the code.
The major areas on that the secure code review keeps an eye on are: Authentication, Authorization, Session management, Data validation, Error Handling, Logging, Encryption. This security code review aims to increase the qualities of the code and thereby reduce the number of flaws.