C/C++ Security

Course Description

Writing secure code in C/C++ is far from trivial. This course introduces the complexity of working with the C/C++ family of languages, especially from a security perspective. Learn about major security flaws that can lead to insecure programs and how to combat them. Lesson topics include string handling, memory management, integer overflow and wrapping, format string attacks, and more.

Course Themes

  • C/C++ language common pitfalls and security controls
  • Knowing your legacy code and undefined behavior in the context of C/C++ and why it should be avoided
  • Use of deprecated string functions, their replacements, and common patterns that lead to security flaws
  • Concepts such as memory management and string handling, with real-world exploits and code examples

Learning Objectives

  • Identify use cases where C/C++ is widely used
  • Apply new best practices for safely manipulating strings
  • Identify unsafe memory handling practices
  • Apply mitigation techniques to common integer mishandling
  • Understand issues with concurrency and parallelism
  • Describe best practices for access controls

Details

Delivery Format : eLearning

Duration: 1 Hour

Level: Advanced

Intended Audience:

  • Developers
  • QE Engineers
  • Architects
  • Application Security Specialists
  • Code Auditors        

Competencies: 

  • Fluency in C or C++ development
  • Understanding of component design

Prerequisites: 

 

Get more course information