Secure Coding Learning Center

Klocwork is committed to helping developers produce the most secure and reliable code possible. In addition to our award-winning source code analysis tools, we also provide free secure programming courses. These highly technical online courses are aimed at helping developers understand and address key coding principles and challenges.

These courses are brought to you by Klocwork and Security Innovation, partners in providing tools and educational resources for software developers - learn more.

We have plenty of new courses that will be available soon. Sign up for the Klocwork newsletter to be notified when new and informative content for developers is available!

Klocwork will never share your information with other parties. Access our privacy policy for more details.

Title
Description
Duration
Latest
CWE-415 Double Free
Learn about the security impact of double free error conditions in C/C++ and walk through code examples where the issue exists. Examine a step-by-step attack scenario and learn about mitigation strategies.
20 mins
View Course
CWE-497 Exposure of System Data to an Unauthorized Control Sphere
Unhandled exception cases and overly descriptive error messages expose system information to attackers and enable them to refine their attacks. Learn to identify and address these weaknesses in your code.
20 mins
View Course
CWE-129 Improper Validation of Array Index
Out-of-bounds array index references can cause diminished availability, loss of data integrity, leakage of sensitive information and alteration of program logic. Learn how to identify and mitigate vulnerable code.
20 mins
View Course
Memory Flaws Boot Camp
Part 1 - CWE-170 Improper Null Termination
Learn to describe, identify and avoid these vulnerabilities. Walk through code examples and understand the security risks they impose.
15 mins
View Course
Part 2 - CWE-401 Improper Release of Memory
Memory leaks pose major security risks including denial-of-service attacks. Learn how to describe, identify and avoid them in your code.
15 mins
View Course
Part 3 - CWE-457 Use of Uninitialized Variable
This issue can expose software to DOS attacks and arbitrary code execution. Learn key strategies to mitigate this weakness.
15 mins
View Course
Part 4 - CWE-476 NULL Pointer Dereference
Learn about this vulnerability type and the security impact it can have. Walk through code examples and learn how to avoid issues.
15 mins
View Course
Demo - Detecting Security Defects in Code
Watch Klocwork on-the-fly source code analysis in action. See CWE memory vulnerabilities identified in code and how Klocwork Review can report on CWE software security defects across your code base.
6 mins
Watch Demo
Stand-alone Courses
CWE-377 Insecure Temporary Files
While many developers inherently trust application temporary files, the fact is they present a common entry path for attackers and pose many risks. Examine code examples and learn to avoid security issues.
20 mins
View Course
CWE-77 Injection Vulnerabilities
Consequences of injection attacks include malicious code execution and theft of information. Learn to identify and correct vulnerable code.
45 mins
View Course
Introduction to Secure Coding for C/C++
Learn fundamentals of secure coding and defensive coding principals for C/C++. Learn basics of buffer, stack and heap overflows and more.
90 mins
View Course
Intro to Microsoft Security Development Lifecycle
Learn the benefits, steps and requirements for Security Development Lifecycle, as well as identifying the appropriate tools required.
60 mins
View Course
OWASP Top Ten Threats and Mitigations
Identify and explain the threats in the OWASP Top 10, as well as the security principles and mitigation techniques related to them.
90 mins
View Course