Security Beyond Memory Safety - Using Modern C++ to Avoid Vulnerabilities by Design

Explore a comprehensive conference talk from CppCon 2024 where Max Hoffmann delves into security practices that go beyond memory safety in C++ programming. Learn how to prevent vulnerabilities through effective C++ constructions and custom static analysis scripts. The presentation analyzes multiple real-world examples, from basic input validation to complex time-of-check vs time-of-use issues when accessing shared resources. For each security challenge, discover attacker models, threats, implementation pitfalls, and potential solutions that not only secure code but also protect developers from accidentally introducing vulnerabilities in the future. Gain deeper insights into security engineering and practical approaches to leveraging C++ features to prevent security issues by design. This talk is valuable for C++ developers looking to enhance their security practices beyond the commonly discussed memory safety concerns.