Writing Secure Code: C++

Learn how to build secure and reliable enterprise applications using C++

Next Steps:

Overview

Upcoming Course Dates & Locations: View Schedule

Type of Course: Classroom

Insecure software is one of the biggest threats organizations face today. As hackers turn their attention to the software and applications that make up an organization’s IT infrastructure, the best protection is building secure software and writing secure code.

What You'll Learn

Understand the key security features of the C++ language, the common security mistakes developers make, and how to build secure and reliable enterprise applications using C++. Students are lead through hands-on code examples that highlight issues and prescribe solutions.

All students are challenged with real-world examples that are reinforced by practical and realistic code-level lab exercises. This course uses Hacme Travel, a client-server application completely written in C++ by Foundstone. Students are required to hack into the application, understand the development and design decisions that introduced those vulnerabilities, and then remediate those security issues on the final day of the class.

All instruction is taught around standard C++. Wherever necessary, platform-specific features (e.g., .NET) are described for completeness.

Why We Teach This Course

Implementing traditional security countermeasures is becoming less effective at protecting organizations’ critical assets. Flaws in poorly developed software are open invitations to malicious intruders who are adept at identifying programming flaws. Developers must learn how to avoid introducing vulnerabilities and implement security measures effectively into their code.

Who Teaches this Course

Foundstone software security instructors are software developers who have performed hundreds of software audits and code reviews, and have run software security programs at major financial services companies. They managed security programs at the Big Four accounting firms, the United States Air Force, and on Wall Street, and are frequent authors and public speakers.

Who Should Take this Course

This course is for professional software developers and software security auditors who have been developing C++ code for at least one year. A comprehensive knowledge of the C++ language and a basic knowledge of either of the commonly used Unix flavors are required.

Continuing Education Credits

This course qualifies for up to 32 hours of continuing professional education credits for Certified Information Systems Security Professional (CISSP)/Systems Security Certified Practitioner (SSCP).