X-Git-Url: https://git.martlubbers.net/?a=blobdiff_plain;f=report%2Freflection.tex;h=4222ef7d5962146d1bb483c69aa4e956c916732c;hb=7b4f3b58aaa2b1f15acaacfb28f5ce20903f7c5e;hp=3ce7222c8ac2677ca0ff876f451901267f902069;hpb=22868dbe1ddbd1b213b4a9b08c2e9b1dcf7f6f50;p=ssproject1617.git diff --git a/report/reflection.tex b/report/reflection.tex index 3ce7222..4222ef7 100644 --- a/report/reflection.tex +++ b/report/reflection.tex @@ -1,8 +1,3 @@ -Some categories in the ASVS are easier to check than others. For example -Section~\ref{sec:v6}. A lot of possible attack vectors were not available just -because the were not used. In other cases the verdict was an easy fail since -some components, like input escaping, are just not present. -% %TODO %- Vandaag verdict (puntjes) uploaden (iedereen)! %- Na morgen heeft iedereen de resultaten van Fortify een keer bekeken @@ -34,7 +29,8 @@ some components, like input escaping, are just not present. \subsection{On our auditing process} \input{reflection.auditing_process.tex} -(TODO: Wouter) +\subsection{On the bottlenecks} +\input{reflection.bottlenecks.tex} \subsection{On the ASVS checklist} \input{reflection.asvs.tex} @@ -42,8 +38,8 @@ some components, like input escaping, are just not present. \subsection{On HP Fortify / automated code analysis tools} \input{reflection.tools.tex} -\subsection{?} -(TODO: Mart) +\subsection{TestCMS code security} +\input{reflection.testcms_code.tex} -\subsection{On the code \& streamlining subsequent security audits} -\input{reflection.code_and_auditing.tex} +\subsection{On the general development of secure software} +\input{reflection.secure_development.tex}
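Review bot: the first hunk (@@ -1,8 +1,3) deletes the only sentences in this file that state a finding, namely that some ASVS checks were an easy fail because components like input escaping are not present, and leaves the file opening with the commented-out %TODO list. Please confirm that this observation is carried into one of the \input files (reflection.asvs.tex looks like the natural place) so it does not drop out of the report, and remove the %TODO block before the final version.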
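Review bot: the second hunk (@@ -34,7 +29,8) adds \input{reflection.bottlenecks.tex}, a file this blob diff does not show. Make sure it is committed together with this change, because a missing \input target stops the LaTeX build. Also note that the added lines close the gap where "(TODO: Wouter)" stood without a blank line before \subsection{On the bottlenecks}, while the following subsections are separated by one; adding the blank line keeps the source consistent.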
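Review bot: in the third hunk (@@ -42,8 +38,8) the new heading \subsection{TestCMS code security} breaks the "On ..." pattern used by every other subsection in this file; consider "On the TestCMS code security" or similar. The last subsection now inputs reflection.secure_development.tex instead of reflection.code_and_auditing.tex, so check that the old file is renamed or deleted rather than left orphaned in report/, and that the "streamlining subsequent security audits" material from the old heading still has a home, since the new title no longer mentions it.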