Security for C++

Speaker: Kostya Serebryany , Google

Date: Wednesday, November 02, 2016

Time: 11:00 AM to 12:00 PM Note: all times are in the Eastern Time Zone

Public: Yes

Location: 32-G882

Event Type:

Room Description:

Host: CSAIL Security Seminar

Contact: Frank Wang,

Relevant URL:

Speaker URL: None

Speaker Photo:

Reminders to:,

Reminder Subject: TALK: Security for C++

**NOTE**: This is at 11 am instead of the normal 4 pm slot.

The talk will give an overview of various dynamic testing tools, fuzzers, and security hardening techniques developed at Google, both for user space and the Linux Kernel: The sanitizers (AddressSanitizer, ThreadSanitizer, ...) allow you to find memory corruption bugs, races, and more, both in user space and in the Kernel. libFuzzer (user space) and Syzkaller (kernel) are guided evolutionary fuzzers; they will find inputs that touch the darkest corners of your code. ControlFlowIntegrity and SafeStack are security mitigation techniques that will protect your binaries in production even if security bugs still exist and are known to adversaries.

All these tools are opensource.

Konstantin (Kostya) Serebryany is a Software Engineer at Google. His team develops and deploys dynamic testing tools, such as AddressSanitizer, MemorySanitizer, ThreadSanitizer, and libFuzzer. Prior to joining Google in 2007, Konstantin spent 4 years at Elbrus/MCST working for Sun compiler lab and then 3 years at Intel Compiler Lab. Konstantin holds a PhD from and a M.S. from

Research Areas:

Impact Areas:

See other events that are part of the CSAIL Security Seminar 2016/2017.

Created by Frank Wang Email at Thursday, September 22, 2016 at 9:42 AM.