This is a set of trainings and workshops designed and delivered by Robert Seacord and CERT-SEI team, Carnegie Mellon. Provide detailed explanation of common programming principles and errors in C and C++ and describing how these errors can lead to code that is vulnerable to exploitation.
Compared with other technologies, C and C++ pose unique and difficult challenges to the process of continuously writing and delivering quality code without security issues. The great power that a developer possesses over e.g. memory management results in the responsibility to write code that deals properly with object lifecycles, manages buffers correctly and many other aspects that have no equivalent in languages with automatic memory management.