Loading…
CppCon 2024 has ended
Monday September 16, 2024 11:00 - 12:00 MDT
Nowadays, there is one topic that comes up in virtually all discussions on system programming languages: memory safety.
However, even though memory safety rules out many of the most common sources of vulnerabilities, there are still plenty of ways how a vulnerability may find its way into the codebase.

In this talk, we look beyond memory safety and explore how we can prevent vulnerabilities through simple yet effective C++ constructions and custom static analysis scripts.
We analyze multiple examples, from basics like input validation to complex time-of-check vs time-of-use issues when accessing shared resources, all of which are inspired by real-world products, use cases, or vulnerabilities.
For each example, we discuss attacker models, threats, and implementation pitfalls, before looking at potential solutions that are not just secure by themselves but also protect developers from accidentally introducing vulnerabilities in the future.

Attendees will leave with a deeper understanding of security engineering and
inspirations for leveraging C++ to prevent potential security issues by design.
Speakers
avatar for Max Hoffmann

Max Hoffmann

Security Manager, ETAS
Max Hoffmann studied cybersecurity and got his Ph.D. in hardware security at the Ruhr University Bochum, Germany, in association with the Max Planck Institute for Security and Privacy at the research group of Professor Christof Paar. With a passion for teaching, he continues to contribute... Read More →
Monday September 16, 2024 11:00 - 12:00 MDT
Adams A
Feedback form is now closed.

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Share Modal

Share this link via

Or copy link