Overview
Explore defensive coding practices and vulnerability detection techniques in this comprehensive workshop from Ubuntu Summit 2023. Learn both theoretical and practical approaches to uncovering flaws in codebases before public release. Discover open-source tools and real-world examples for identifying vulnerabilities in C and Python code. Delve into static techniques like linting, symbolic execution, and code querying, as well as dynamic methods such as fuzzing. Gain valuable insights into securing your codebase against potential threats, drawing lessons from recent breaches like Okta's 2022 incident. Equip yourself with the knowledge to build a robust "open source fortress" and protect your code from malicious actors.
Syllabus
The Open Source Fortress: Finding Vulnerabilities in Your Codebase Using Open Source Tools
Taught by
Ubuntu OnAir