Bugs in software can be very expensive issues that can arise from not thoroughly testing and re-testing your code. In this course, Security for Hackers and Developers: Code Auditing, you will learn about manual code pentesting and all about how a professional code auditor finds bugs in code. You'll mainly be focusing on C/C++, but the high level ideas apply to all languages. By going deep into the weeds on C and C++ code, learners will appreciate the depth and experience required to audit this and any language code. First you'll learn about code auditing tools and techniques, as well has why memory corruption happens and how to prevent it. Then you'll learn all about the newer bug types such as use-after-free, type confusion, and kernel double fetch. You'll wrap up the course by learning about the real-world vulnerabilities like Heartbleed and other critical browser bugs. By the end this course, you'll know how to audit code with confidence. You'll know how to spot bugs, understand why they're important, and architect modern protections.
Dr. Jared DeMott is the founder of the security company, Vulnerability Discovery & Analysis (VDA) Labs. DeMott is a former NSA security analyst, Microsoft BlueHat Prize winner, and was the CTO and Binary Defense. He's frequently quoted in media, and invited to speak at security events.
Hi everyone, my name is Dr. DeMott and welcome to my course on Code Auditing. This is the 2nd class in the Application Security for Hackers and developers learning path. I’m the CTO of Binary Defense Systems and Founder of VDA Labs Training. I’m a long time security researcher, vulnerability, malware, and code security expert.I love teaching and mentoring and am happy to bring you another exciting class.
Did you know that bugs in software costs the economy billions of dollars/year? In this course, we are going to turn the tide as I explain how to find and fix critical bugs quicker. By going deep into the weeds on C and C++ code, learners will appreciate the depth and experience required to audit this, and any language code.
We cover topics such as:
A Language review and code auditing tools and techniques
Memory corruption – why it happens and how to prevent it
Newer bug types such as use-after-free, type confusion, and kernel double fetch
Real world vulnerability examples like Heartbleed and critical browser bugs
By the end this course, you’ll know how to audit code with confidence. You’ll know how to spot bugs, understand why they’re important, and architect modern protections. Before beginning the course you should take the first class in series called Security for Hackers and Developers: Overview
After completing this course, you should feel comfortable moving on to upcoming courses on:
I hope you’ll join me on this journey toward safer code, with the Security for Hackers and Developers: Code Auditing course-- at Pluralsight.