X-Git-Url: https://git.martlubbers.net/?a=blobdiff_plain;f=report%2Freflection.tex;h=4222ef7d5962146d1bb483c69aa4e956c916732c;hb=bf85c6f569c297c733227d532cbaec0dd663e985;hp=e9d0f205d7153f341b8da4c6a32d670ade892f50;hpb=300e85f3c63352c982b683c730531a8ede1a3895;p=ssproject1617.git diff --git a/report/reflection.tex b/report/reflection.tex index e9d0f20..4222ef7 100644 --- a/report/reflection.tex +++ b/report/reflection.tex @@ -1,8 +1,3 @@ -Some categories in the ASVS are easier to check than others. For example -Section~\ref{sec:v6}. A lot of possible attack vectors were not available just -because the were not used. In other cases the verdict was an easy fail since -some components, like input escaping, are just not present. -% %TODO %- Vandaag verdict (puntjes) uploaden (iedereen)! %- Na morgen heeft iedereen de resultaten van Fortify een keer bekeken @@ -34,16 +29,17 @@ some components, like input escaping, are just not present. \subsection{On our auditing process} \input{reflection.auditing_process.tex} -(TODO: Wouter) +\subsection{On the bottlenecks} +\input{reflection.bottlenecks.tex} \subsection{On the ASVS checklist} \input{reflection.asvs.tex} \subsection{On HP Fortify / automated code analysis tools} -(TODO: Charlie) +\input{reflection.tools.tex} -\subsection{?} -(TODO: Mart) +\subsection{TestCMS code security} +\input{reflection.testcms_code.tex} -\subsection{On the code \& streamlining subsequent security audits} -\input{reflection.code_and_auditing.tex} +\subsection{On the general development of secure software} +\input{reflection.secure_development.tex}
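Review bot: the first hunk (@@ -1,8 +1,3 @@) deletes the opening paragraph without showing where its content went. That paragraph carried the reference to Section~\ref{sec:v6} and two audit observations: attack vectors that did not apply because the features were not used, and the easy fail where input escaping is not present. Please confirm these observations now live in one of the \input files (reflection.asvs.tex looks like the natural home), otherwise they are lost from the report. After this change the file starts directly with the %TODO planning comments kept as context; those should be removed or resolved before the report is final.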
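Review bot: in the second hunk (@@ -34,16 +29,17 @@) the four new \input lines (reflection.bottlenecks.tex, reflection.tools.tex, reflection.testcms_code.tex, reflection.secure_development.tex) point at files that this single-file diff does not show, so the report only builds if they are committed together with this change. The hunk also drops \input{reflection.code_and_auditing.tex}; either delete that file or move its text into the new subsections so it does not linger unreferenced. As a style point, \subsection{TestCMS code security} is the only heading that does not follow the "On ..." pattern of the other subsections; consider renaming it to match.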