Description

Type

Short course
Level

Intermediate
Methodology

Inhouse

Duration

2 Days
Start date

Different dates available

Business Group Bookings Only

This course explains in details the mechanisms underlying typical C/C++ security relevant programming bugs – the common security vulnerabilities. The root causes of the problems are explained through a number of easy-to-understand source code examples, which at the same time make clear how to find and correct these problems in practice. The real strength of the course lays in numerous hands-on exercises, which help the participants understand how easy it is to exploit these vulnerabilities by the attackers.

Facilities

Inhouse

Start date

Different dates availableEnrolment now open

About this course

Course objectives

Upon completion of this course, you will be able to:* Understand basic concepts of security, IT security and secure coding* Realize the severe consequences of non-secure buffer handling* Understand the architectural protection techniques and their weaknesses* Learn about typical coding mistakes and how to avoid them* Be informed about recent vulnerabilities in various platforms, frameworks and libraries* Get sources and further reading on secure coding practices

Who is it intended for?

C/C++ developers, software architects and testers

Requirements

There are no formal prerequisites for this course.

What marks this course apart?

The course also gives an overview of practical protection methods that can be applied at different levels (hardware components, the operating system, programming languages, the compiler, the source code or in production) to prevent the occurrence of the various bugs, to detect them during development and before market launch, or to prevent their exploitation during system operation. Through exercises specially tailored to these mitigation techniques participants can learn how simple – and moreover cheap – it is to get rid of various security problems.

Questions & Answers

Add your question

Our advisors and other users will be able to reply to you

Who would you like to address this question to?

All
Students
Centre

Fill in your details to get a reply

We will only publish your name and question

Reviews

5.0

100%

4.8

excellent

Course rating

Recommended

Centre rating

Norman T. Brown

5.0

24/03/2019

About the course: The coach explained everything really well, I am thankful.

Would you recommend this course?: Yes

*All reviews collected by Emagister & iAgora have been verified

This centre's achievements

2018

How do you get the CUM LAUDE seal?

All courses are up to date

The average rating is higher than 3.7

More than 50 reviews in the last 12 months

This centre has featured on Emagister for 6 years

Subjects

Structured Programming
UML
C Sharp
Programming
GUI
Design patterns
Object oriented
Requirements gathering
Advanced C++
Object oriented analysis and design

Teachers and trainers (1)

Bright Solutions

Trainer

Course programme

#text-block-10 { margin-bottom:0px; text-align:left; }

IT security and secure coding

* Nature of security
* IT security related terms
* Definition of risk
* IT security vs. secure coding
* From vulnerabilities to botnets and cyber crime
* Classification of security flaws

Security relevant C/C++ programming bugs and flaws

* Exploitable security flaws
* Protection principles
* x86 machine code, memory layout, stack operations

Buffer overflow

* Buffer overflow
* Stack overflow
* Protection against stack overflow
* Stack smashing protection
* Address Space Layout Randomization (ASLR)
* Non executable memory areas – the NX bit
* Return-to-libc attack – Circumventing the NX bit
* Return oriented programming (ROP)
* Heap overflow

#text-block-11 { margin-bottom:0px; text-align:left; }

Common coding errors and vulnerabilities

* Input validation
* Improper use of security features
* Improper error and exception handling
* Time and state problems
* Code quality problems

Advices and principles

* Matt Bishop’s principles of robust programming
* The security principles of Saltzer and Schroeder

Knowledge sources

* Secure coding sources – a starter kit
* Vulnerability databases

See related categories

Contact us

C/C++ Secure Coding

Questions & Answers

Reviews

Reviews on other courses at this centre

This centre's achievements

Subjects

Course programme

Add similar courses
and compare them to help you choose.

C/C++ Secure Coding

Questions & Answers

Reviews

Reviews on other courses at this centre

This centre's achievements

Subjects

Course programme

Add similar coursesand compare them to help you choose.

Add similar courses
and compare them to help you choose.