This course focuses on Secure Coding Best Practices through Threat Hunting in Modern C++. The learning outcomes include understanding Intrusion Kill Chains, conducting Threat Modeling exercises using the STRIDE approach, and learning to defend against various attacks like Spoofing, Tampering, Repudiation, Information leaks, Denial of service, and privilege Escalation. The course aims to help participants expose attack surfaces, uncover architectural flaws, identify attack vectors, balance risks and usability, and document mitigation strategies. The teaching method involves a hands-on Threat Modeling exercise against a Modern C++ system, with a focus on practical examples and real-world scenarios. This course is intended for software engineers, systems architects, and developers working with C++, especially those interested in enhancing their knowledge of secure coding practices and threat mitigation strategies.
Overview
Syllabus
Introduction
Threat hunting
Intrusion kill chain
Project Aurora
Reconning Systems
Phishing
Selecting the Attack Vector
The Golden Nugget
Threat Modeling
Threat Classification
Trust Boundaries
Example
No Safe Spaces
Stride Model
Cloud Repo
Information Disclosure
Denial of Service
Video Sensor
Blind
Privilege Escalation
Capture Process
Audit Trail
Surface
Evil Bit Set
Response to pushback
Troy Hunt
Taught by
CppNow
