CppCon 2015 has ended
Back To Schedule
Thursday, September 24 • 3:15pm - 4:15pm
Secure C++ Programming

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Security vulnerabilities are fundamentally defects in our code. We know many of these defects stem from string processing, buffer overflows and integer underflow and overflows. These defects become security vulnerabilities when an attacker can crash an application, cause undefined behavior that leads to a Denial of Service, privilege escalation or hidden installation of rogue software.

So how do we build more secure C++ software? It starts by gaining an understanding of the basics of security vulnerabilities and how to identify them using the rich set of tools we now have available. With this foundation we can build a development culture where security considerations are pervasive and treated as important as program and algorithm correctness.

This session begins with a survey of common C/C++ string, integer and STL container issues and mitigations for these vulnerabilities. Follows with two detailed examples of vulnerabilities and how to fix their problems. Finishes with a survey of tools and references we have available today.

Thursday September 24, 2015 3:15pm - 4:15pm PDT
Six (406) Meydenbauer Center

Attendees (0)