Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, September 24 • 3:15pm - 4:15pm
Secure C++ Programming

Log in to save this to your schedule and see who's attending!

Security vulnerabilities are fundamentally defects in our code. We know many of these defects stem from string processing, buffer overflows and integer underflow and overflows. These defects become security vulnerabilities when an attacker can crash an application, cause undefined behavior that leads to a Denial of Service, privilege escalation or hidden installation of rogue software.

So how do we build more secure C++ software? It starts by gaining an understanding of the basics of security vulnerabilities and how to identify them using the rich set of tools we now have available. With this foundation we can build a development culture where security considerations are pervasive and treated as important as program and algorithm correctness.

This session begins with a survey of common C/C++ string, integer and STL container issues and mitigations for these vulnerabilities. Follows with two detailed examples of vulnerabilities and how to fix their problems. Finishes with a survey of tools and references we have available today.

Speakers
avatar for Gwendolyn Hunt

Gwendolyn Hunt

Principal Software Engineer, Tripwire, Inc.


Thursday September 24, 2015 3:15pm - 4:15pm
Six (406) Meydenbauer Center