We may earn an affiliate commission when you visit our partners.
Identifying Security Vulnerabilities in C/C++Programming
Matthew Bishop, PhD
Matthew Bishop, PhD
This course builds upon the skills and coding practices learned in both Principles of Secure Coding and Identifying Security Vulnerabilities, courses one and two, in this specialization. This course uses the focusing technique that asks you to think about: “what to watch out for” and “where to look” to evaluate and ultimately remediate fragile C++ library code.
Read more
This course builds upon the skills and coding practices learned in both Principles of Secure Coding and Identifying Security Vulnerabilities, courses one and two, in this specialization. This course uses the focusing technique that asks you to think about: “what to watch out for” and “where to look” to evaluate and ultimately remediate fragile C++ library code.
Read more
This course builds upon the skills and coding practices learned in both Principles of Secure Coding and Identifying Security Vulnerabilities, courses one and two, in this specialization. This course uses the focusing technique that asks you to think about: “what to watch out for” and “where to look” to evaluate and ultimately remediate fragile C++ library code.
The techniques you’ll be examining will make your programs perform accurately and be resistant to attempts to perform inaccurately. This is really what the term secure programming means. You will be shown common errors that people make, and then learn how to program more robustly. You will apply tips and best practices to help you improve your programming style and help you to avoid common problems like buffer overflows, which may or may not cause security problems.
Register for this course and see more details by visiting:
OpenCourser.com/course/hs7ss9/identifying
What's inside
Syllabus
Users, Privileges, and Environment Variables
In this module, you will be able to manage users and privileges when you run programs or sub-programs. You will be able to identify and use the different types of privileges on a Linux (and UNIX-like) system. You'll be able to identify how program shells preserve environment settings. You will be able to examine how your shell (or other program that uses the PATH variable) deals with multiple versions of that variable.
Read more
Syllabus
Users, Privileges, and Environment Variables
In this module, you will be able to manage users and privileges when you run programs or sub-programs. You will be able to identify and use the different types of privileges on a Linux (and UNIX-like) system. You'll be able to identify how program shells preserve environment settings. You will be able to examine how your shell (or other program that uses the PATH variable) deals with multiple versions of that variable.
Read more
Validation and Verification, Buffer and Numeric Overflows, and Input Injections
In this module, you will be able to breakdown how the process of checking inputs, known as validation and verification works. You will be able to avoid and buffer numeric overflows in your programs. You will be able to discover what happens when you call functions with parameters that cause overflows. And finally, you will be able to detect various input injections such as cross-site scripting and SQL injections and be able to describe the consequences of not examining input.
Files, Subprocesses, and Race Conditions
In this module, you will be able to describe how files and subprocesses interact and be able to create subprocesses and shell scripts. You will also be able to identify and prevent race conditions in your programs and practice cleaning out environments to make them safe for untrusted subprocesses.
Randomness, Cryptography, and Other Topics
In this module you will be able to distinguish between pseudo-randomness and actual randomness. You will be able to apply randomness in the coding environment and generate random numbers and look at their distribution. You'll be able to identify and describe how and why cryptography is used, as well as why you should use trusted cryptography code libraries instead of crafting your own solution. You will be able to analyze and consider best practices for handling sensitive information, passwords, crypto keys, how to handle errors in security sensitive programs, and how to defend against string attacks. You will be able to hash a password and then try to guess another one. You will be able to practice cleaning out environments to make them safe for untrusted subprocesses, as well as practice handling integer overflow.
Good to know
Good to know
Know what's good ,
what to watch for , and
possible dealbreakers
Teaches methods to secure C++ programming code
Explores common errors in C++ programming and techniques to avoid them
Emphasizes validation and verification to prevent security vulnerabilities
Covers cryptography, randomness, and string attacks
Suitable for learners with foundational knowledge in secure coding practices
Prerequisites include knowledge of C++ and secure coding practices
Save this course
Save Identifying Security Vulnerabilities in C/C++Programming to your list so you can find it easily later:
Save
Save
Reviews summary
Security vulnerabilities in c/c++: conceptual overview
learners say this course provides conceptual information about security vulnerabilities in C/C++ programming. While some students say that the course is good and well-presented, others say that the examples provided are too small, and the instructor sometimes assumes programming knowledge that not all students have. Overall, students say this course provides a basic overview of security vulnerabilities but could be improved with more practical content and examples.
Good information on security vulnerabilities.
"Good course with well presented information and good info on topics related to multi-threaded processing vulnerabilities, environment variables, file systems, cryptography, public/private key sharing, input injection, buffer overflows, validation, and permissions (all dealt with via a Linux backdrop)."
Instructor sometimes assumes programming knowledge that not all students have.
"they dont provide code or example codes..... while he mentioned some functions you might need to avoid or you can use instead , it gives you the feeling there might be more to it."
"there isn't a cheat sheet provided and I would love to see some sort of summary where you could always refer to the juice stuff to review instead of reading the whole video transcript."
"While its not really necessary to be a programmer its might be addressed to these, its all conceptual , and most of the time the professor assumes you know how to do things"
Could be improved with better examples and deep dives into various scenarios for each topic.
"the coding examples were usually small and not particularly practical."
"This course would be greatly improved with better examples and deep dives into various scenarios for each topic."
More practical examples and less conceptual info needed.
"Need more programtic way"
"Practical demos could have added more fun to this course."
"This course has very minimal code."
Activities
Coming soon
We're preparing activities for
Identifying Security Vulnerabilities in C/C++Programming.
These are activities you can do either before, during, or after a course.
Career center
Learners who complete Identifying Security Vulnerabilities in C/C++Programming will develop knowledge and skills
that may be useful to these careers:
Information Security Analyst
Information Security Analyst
As an Information Security Analyst, you will be responsible for identifying, analyzing, and mitigating security risks to an organization's computer systems and networks. This course will improve your effectiveness in this role by helping you to identify and remediate security vulnerabilities in C++ code.
Penetration Tester
Penetration Tester
Penetration Testers assess the security of computer systems and networks by attempting to exploit vulnerabilities. This course will help you to develop the skills you need to be successful in this role, such as identifying and remediating security vulnerabilities in C++ code.
Malware Analyst
Malware Analyst
Malware Analysts investigate and analyze malware. This course will help you to develop the skills you need to be successful in this role, such as identifying and remediating security vulnerabilities in C++ code.
Security Architect
Security Architect
Security Architects design, implement, and manage an organization's security infrastructure. By taking this course, you can learn how to identify and remediate security vulnerabilities in C++ code, which will make you a more competitive candidate for this role.
Security Engineer
Security Engineer
Security Engineers design, implement, and maintain security systems. This course will help you to develop the skills you need to be successful in this role, such as identifying and remediating security vulnerabilities in C++ code.
Security Consultant
Security Consultant
Security Consultants provide advice and guidance to organizations on how to improve their security posture. This course will help you to develop the skills you need to be successful in this role, such as identifying and remediating security vulnerabilities in C++ code.
Security Analyst
Security Analyst
Security Analysts investigate and analyze security incidents. This course will help you to develop the skills you need to be successful in this role, such as identifying and remediating security vulnerabilities in C++ code.
Software Engineer
Software Engineer
Software Engineers are responsible for the design, development, and maintenance of software systems. This course covers several topics that are relevant to this role such as identifying and remediating security vulnerabilities, validation and verification, and randomness.
Systems Administrator
Systems Administrator
Systems Administrators are responsible for the maintenance and security of computer systems. This course will help you to identify and remediate security vulnerabilities in C++ code, a valuable skill for this role.
Web Developer
Web Developer
Web Developers design, create, and maintain websites. In this field, it is important to pay attention to security as there are many ways to leave a user vulnerable, which this course addresses by teaching you how to identify and remediate security vulnerabilities in C++ code.
Chief Information Security Officer
Chief Information Security Officer
You will play a leading role in the development and implementation of security programs to safeguard the organization's data and systems. This course can help set you on the path to this position as you will learn how to identify and remediate security vulnerabilities, skills that are in high demand for CISOs.
Database Administrator
Database Administrator
Database Administrators are responsible for the maintenance and security of databases. This course may be useful to you in this role as it will help you to identify and remediate security vulnerabilities in C++ code.
Network Administrator
Network Administrator
Network Administrators are responsible for the maintenance and security of computer networks. This course may be useful to you in this role as it will help you to identify and remediate security vulnerabilities in C++ code.
Software Developer
Software Developer
Software Developers create and maintain software applications. This course may be useful to you in this role as it will help you to identify and remediate security vulnerabilities in C++ code.
Cybersecurity Engineer
Cybersecurity Engineer
Your day-to-day work will include designing, implementing, and maintaining security systems to protect an organization's networks and data. This course may be helpful to you in this role as it will help you to identify and remediate security vulnerabilities in C++ code.
For more career information including salaries, visit:
OpenCourser.com/course/hs7ss9/identifying
Reading list
We've selected 13 books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
Identifying Security Vulnerabilities in C/C++Programming.
Save
Is the definitive reference for the C++ programming language, providing a solid foundation for understanding the concepts taught in this course.
Save
Provides a detailed guide to secure programming in C and C++, serving as a valuable reference and complement to the course materials.
Provides an overview of secure coding practices in C and C++ and supplement the materials offered in this course.
Provides a comprehensive overview of security issues in C++ and offers practical solutions that align with the topics covered in this course.
Save
Provides detailed guidance on secure coding practices in C that complement and expand on the materials covered in this course.
Provides a detailed reference of the C standard library, serving as a valuable resource for understanding the underlying mechanisms discussed in this course.
Save
Provides insights into reverse engineering techniques, complementing the topics covered in this course and enhancing the understanding of software security.
Provides a comprehensive overview of computer security principles and practices, offering a broader context for the topics covered in this course.
Provides practical recipes and examples for secure coding in C++, enhancing the hands-on skills covered in this course.
Save
Provides a comprehensive overview of modern cryptography techniques and their applications, offering additional depth on a topic relevant to this course.
Provides an in-depth guide to advanced programming techniques in the UNIX environment, enhancing the understanding of topics covered in this course.
Delves into concurrency and multithreading in C++, expanding the knowledge gained in this course and providing additional insights.
Save
Provides a comprehensive guide to C++ templates, offering additional depth on a topic relevant to this course.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/hs7ss9/identifying
Share
Similar courses
Here are nine courses similar to
Identifying Security Vulnerabilities in C/C++Programming.
Principles of Secure Coding
OpenCourser.com/course/vxzooh/principles
Principles of Secure Coding
Most relevant
Secure Coding with C#
OpenCourser.com/course/0ffwqm/secure
Secure Coding with C#
Most relevant
Secure Software Implementation for CSSLP®
OpenCourser.com/course/6vfah0/secure
Secure Software Implementation for CSSLP®
Most relevant
Secure Coding Practices in Java Applications (Java SE 11 Developer Certification 1Z0-819)
OpenCourser.com/course/xdlgib/secure
Secure Coding Practices in Java Applications (Java SE 11...
Most relevant
Security for Artificial Intelligence Software and Services
OpenCourser.com/course/g1ivnn/security
Security for Artificial Intelligence Software and Services
Most relevant
Security and Auditing in Ethereum
OpenCourser.com/course/pcf6or/security
Security and Auditing in Ethereum
Most relevant
PowerShell Functions for Security Analysis
OpenCourser.com/course/voc9aq/powershell
PowerShell Functions for Security Analysis
Most relevant
Microsoft Azure DevOps Engineer: Implement a Secure and Compliant Development Process
OpenCourser.com/course/pbfy6m/microsoft
Microsoft Azure DevOps Engineer: Implement a Secure and...
Secure Coding in Angular
OpenCourser.com/course/a6y63g/secure
Secure Coding in Angular
Effort
4 weeks of study, 5-6 hours/week
Level
Intermediate
Via
Coursera
Institution
University of California, Davis
Instructor
Matthew Bishop, PhD
Language
English
Transcripts
Español
Français
Português
Deutsch
Italiano
中文
العربية
한국어
日本語
हिंदी
Nederlands
Svenska
Pусский
Türkçe
Polski
Ελληνικά
українська мова
Bahasa Indonesia
ไทย
қазақша
This course belongs to a
collection
called
Secure Coding Practices. It's comprised of four courses:
- Principles of Secure Coding
- Exploiting and Securing Vulnerabilities in Java Applications
- Identifying Security Vulnerabilities in C/C++Programming (viewing)
- Identifying Security Vulnerabilities
Good to know
Teaches methods to secure C++ programming code
Explores common errors in C++ programming and techniques to avoid them
Emphasizes validation and verification to prevent security vulnerabilities
Covers cryptography, randomness, and string attacks
Suitable for learners with foundational knowledge in secure coding practices
Prerequisites include knowledge of C++ and secure coding practices
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2024 OpenCourser