Explore a conference talk that delves into the challenges of securing a project through increased test coverage. Learn about code coverage in Go, seccomp profiles as artifacts, and the process of extracting syscalls. Discover the Harpoon tool and its role in enhancing security. Examine the uretprobe issue and its workaround, as well as the benefits of transitioning to libbpfgo. Gain insights into the complexities of software security and testing methodologies in this informative presentation from Conf42 Golang 2024.
How We Almost Secured Our Project by Writing More Tests
Overview
Syllabus
intro
preamble
whoami
what is code coverage
code coverage with go
what is a seccomp profile
seccomp profile as artifact
extracting the syscalls
harpoon
the uretprobe issue
workaround
benefits of moving to libbpfgo
references / special thanks
thanks for your attention
Taught by
Conf42
