Creating Secure Code - C/C++
Course Description
Secure coding is the process of reducing the susceptibility of code to vulnerabilities. It includes items that are defensive in nature (e.g. checking error return codes before using handles and other data structures that should have been created, or protecting against using a pointer after it has been released). It also includes items more commonly associated with cryptographic procedures (e.g. random number generation, encryption algorithms, etc.). This course examines vulnerabilities that are specific to C/C++ and covers real-world examples of failures, illustrated in code, along with methods to find, fix and prevent each type of flaw. Students are provided with a set of security coding best practices and practical recommendations.
Course Objectives
Upon completion of this class, participants will be able to:
- Identify why Software Security matters to their business
- Write secure code on Windows and *nix platforms
- Proactively recognize and remediate common coding errors that lead to vulnerabilities
- Perform threat modeling to identify vulnerabilities and analyze risk
- Design and develop secure applications leveraging time-tested defensive coding principles
Course Outline
I. Introduction to software security
This section provides insight into Software Security, why it is needed, and what the consequences of security vulnerabilities can be.
II. Operating System Security
This section goes deep into Windows and *nix security and the programming caveats that they present. It then describes best practices to write robust code (exception handling, etc.). Finally, it describes the risks of socket programming and identifies secure practices.
III. Common coding errors in C/C++
This section teaches how to recognize and remediate common C/C++ coding errors and what tools can support this effort.
IV. Threat Modeling
This section will show how threat modeling is a great technique to find, classify and prioritize security vulnerabilities.
V. Defensive Coding Principles
This section educates the students on 12 time-tested defensive coding principles and how to use them to effectively prevent common security vulnerabilities.
V. Exam
A 15-question multiple-choice exam is taken at the end of the course.
Training labs will be used to provide practical experience.
For more information, please contact Sales at +1.978.694.1008 x24 or email



