Secure Coding (SC) in c/c++$180
About this course
Producing secure programs requires secure designs. However, even the best designs can lead to insecure programs if developers are unaware of the many security pitfalls inherent in C and C++ programming. This four-day course provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to code that is vulnerable to exploitation. The course concentrates on security issues intrinsic to the C and C++ programming languages and associated libraries. The intent is for this course to be useful to anyone involved in developing secure C and C++ programs regardless of the specific application.
Please note you must bring a laptop computer equipped with the latest version of Adobe Reader and VMware Player. See the Prerequisites section for download information.
The course assumes basic C and C++ programming skills but does not assume an in-depth knowledge of software security. The ideas presented apply to various development environments, but the examples are specific to Microsoft Visual Studio and Linux/GCC and the Intel 64-bit and 32-bit Architectures (x86-64 and IA-32).
This course is designed for C and C++ developers.
Participants should come away from this course with a working knowledge of common programming errors that lead to software vulnerabilities, how these errors can be exploited, and effective mitigation strategies for preventing the introduction of these errors. Participants will learn how to
- improve the overall security of any C or C++ application
- thwart buffer overflows and stack-smashing attacks that exploit insecure string manipulation logic
- avoid vulnerabilities and security flaws resulting from the incorrect use of dynamic memory management functions
- eliminate integer-related problems: integer overflows, sign errors, and truncation errors
- correctly use formatted output functions without introducing format-string vulnerabilities
- avoid I/O vulnerabilities, including race conditions
Moreover, this course encourages programmers to adopt security best practices and develop a security mindset that can help protect software from tomorrow’s attacks, not just todays.
Our course begins with the first step for generating great user experiences: understanding what people do, think, say, and feel. In this module, you’ll learn how to keep an open mind while learning.