There are many resources for learning security out there (research papers, proof of concept, CTF, pen-testing, presentations, wikipedia, etc.) but these resources often present isolated examples with anything irrelevant stripped out. Any good developer should strive to write code with as few bugs as possible, but even code with no logical bugs may be insecure. The intent with Security Review was to present digital security in a manner more akin to what we as developers would encounter in the real world: as code review. Within Security Review you’ll find (nearly) complete samples of code similar to what a developer may very well come across during code review. The code will be functionally complete, but will contain serious security vulnerabilities that need to be addressed. It is in this manner that a developer can practice secure coding in much the same way they would encounter it out in the wild.
Also, I think it’s a fun puzzle trying to crack code that is already fully exposed to you. Happy hunting 🙂