Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Can’t make it to #DevConfCZ for any reason? You can still attend virtually: youtube.com/RedHatCzech
View analytic
Sunday, February 7 • 14:00 - 14:40
Tactics of Code Auditor

Sign up or log in to save this to your schedule and see who's attending!

Source Code Auditing is an important part of security. Being proactive in looking for security bugs before the software is shipped is great way to cut down the risks. Though Source Code Auditing can be performed before the code is shipped or after the code is compiled and shipped as binary. In this talk I would share some of tactics and tools that I use to perform code auditing and explain different types of vulnerabilities present in code caused by for e.g Buffer Overflows, Heap Overflows , data type, arithmetic computations and etc. Some parts of this talk would have live demo and also might go into live pentesting according to time frame.

- Introduction
- Why we need to perform source code audits
- Defining scope of audit

- SoftWare Auditing Tactics [ C/C++ ]
- Attack plan with limited time frame
- Where to attack
- How to attack
- Which tools to use
- Understanding the impact of vulnerability

This talk is only focused on auditing software written in C/C++. But one can take some parts of this talk and would be able to implement into their own working environment.

Speakers
SS

Siddharth Sharma

Software Engineer, Red Hat
I work as a Software Engineer in Red Hat Product Security. I like to code in C, C++, write patches, do research and analysis of security flaws. I used to work in Red Hat's Desktop team as Software Maintenance Engineer which included fixing bugs on vast area of Desktop Applications for the components based on Qt/GTK/Motif shipped in Red Hat Enterprise Linux and maintaining RPM packages for RHEL.I have been contributing to KDE for more than 3... Read More →


Sunday February 7, 2016 14:00 - 14:40
d. E112 (156 places)

Attendees (47)