Overview
Explore secure coding best practices and threat hunting techniques in this comprehensive conference talk from C++Now 2019. Dive into the world of cybersecurity with Matthew Butler as he guides you through the process of threat modeling and its importance in Modern C++ development. Learn about Intrusion Kill Chains and their role in understanding attacker methodologies. Participate in a hands-on threat modeling exercise using the STRIDE approach, covering Spoofing, Tampering, Repudiation, Information leakage, Denial of service, and Escalation attacks. Discover how to identify attack surfaces, uncover architectural flaws, and develop effective mitigation strategies. Gain insights into the Zero Trust world and its impact on systems design. Understand why mastering Modern C++ is crucial for building secure systems in an increasingly complex technological landscape.
Syllabus
Introduction
Threat hunting
Intrusion kill chain
Project Aurora
Reconning Systems
Phishing
Selecting the Attack Vector
The Golden Nugget
Threat Modeling
Threat Classification
Trust Boundaries
Example
No Safe Spaces
Stride Model
Cloud Repo
Information Disclosure
Denial of Service
Video Sensor
Blind
Privilege Escalation
Capture Process
Audit Trail
Surface
Evil Bit Set
Response to pushback
Troy Hunt
Taught by
CppNow