Secure C/C++ Development (SCD) will guide you through the main memory corruption vulnerabilities that affect C/C++ programs, such as buffer overflows and use-after-frees. The course is packed with hands-on exercise scenarios based around sample vulnerable programs. These are used to demonstrate how attackers exploit flaws in the real world and how code can be written defensively to prevent or mitigate the impact of security vulnerabilities.
- How to identify security flaws that affect C/C++ code through code review and manual testing.
- How to evaluate the impact of flaws by learning offensive techniques used to exploit these flaws in real-world attacks.
- How mitigation techniques (such as canaries, ASLR and DEP) can be applied both at the compiler and at the operating system level to reduce the impact of vulnerabilities, together with an assessment of their effectiveness against determined attackers.
- OS Exploit Mitigation
- Input Validation
- Time and State
- Code Quality
- Integrating Security
Benefits to your organization
- Helps to ensure that your software is resilient to an attack, against even the most advanced threats.
- Reduces the number and severity of the vulnerabilities that are introduced into software.
- Increases your organization’s overall understanding of security, reducing the time and cost of remediating vulnerabilities
- Stimulates a positive attitude and an understanding of the importance of security within the development team.
Who should attend?
This workshop is aimed at developers with an operating knowledge of C/C++. Although the workshop uses an x86 Linux distribution as a base platform, the concepts explained can be easily applied/transferred to other operating systems (e.g. Windows) and platforms (e.g. ARM embedded devices).
Given the highly specialist content of this course, it is recommended that delegates know how to write programs in C/C++, are familiar with the use of debuggers and can read and understand basic x86 assembly code (no actual assembly programming experience is required).
Download the Secure C/C++ Brochure below for the full syllabus