Secure Coding Center

Rogue Wave & Security Innovation have teamed up to provide the tools and educational resources to help developer create more secure code.

CWE-415 Double Free

Learn about the security impact of double free error conditions in C/C++ and walk through code examples where the issue exists. Examine a step-by-step attack scenario and learn about mitigation strategies.

CWE-497 Exposure of System Data to an Unauthorized Control Sphere

Unhandled exception cases and overly descriptive error messages expose system information to attackers and enable them to refine their attacks. Learn to identify and address these weaknesses in your code.

CWE-129 Improper Validation of Array Index

Out-of-bounds array index references can cause diminished availability, loss of data integrity, leakage of sensitive information and alteration of program logic. Learn how to identify and mitigate vulnerable code.

CWE-170 Improper Null Termination

Learn to describe, identify and avoid these vulnerabilities. Walk through code examples and understand the security risks they impose.

CWE-401 Improper Release of Memory

Memory leaks pose major security risks including denial-of-service attacks. Learn how to describe, identify and avoid them in your code.

CWE-457 Use of Uninitialized Variable

This issue can expose software to DOS attacks and arbitrary code execution. Learn key strategies to mitigate this weakness.

CWE-476 NULL Pointer Dereference

Learn about this vulnerability type and the security impact it can have. Walk through code examples and learn how to avoid issues.

CWE-377 Insecure Temporary Files

While many developers inherently trust application temporary files, the fact is they present a common entry path for attackers and pose many risks. Examine code examples and learn to avoid security issues.

CWE-77 Injection Vulnerabilities

Consequences of injection attacks include malicious code execution and theft of information. Learn to identify and correct vulnerable code.

Introduction to Secure Coding for C/C++

Learn fundamentals of secure coding and defensive coding principals for C/C++. Learn basics of buffer, stack and heap overflows and more.

Intro to Microsoft Security Development Lifecycle

Learn the benefits, steps and requirements for Security Development Lifecycle, as well as identifying the appropriate tools required.

OWASP Top Ten Threats and Mitigations

Identify and explain the threats in the OWASP Top 10, as well as the security principles and mitigation techniques related to them.