The NSA Tips: Software Memory Safety cover art

The NSA Tips: Software Memory Safety

National Security Agency April 2023

Preview

£0.00 for first 30 days

Try for £0.00
Pick 1 audiobook a month from our unmatched collection - including bestsellers and new releases.
Listen all you want to thousands of included audiobooks, Originals, celeb exclusives, and podcasts.
Access exclusive sales and deals.
£7.99/month after 30 days. Renews automatically. See here for eligibility.

The NSA Tips: Software Memory Safety

By: National Security Agency
Narrated by: Tom Brooks
Try for £0.00

£7.99/month after 30 days. Renews automatically. See here for eligibility.

Buy Now for £6.99

Buy Now for £6.99

Confirm Purchase
Pay using card ending in
By completing your purchase, you agree to Audible's Conditions of Use and authorise Audible to charge your designated card or any other card on file. Please see our Privacy Notice, Cookies Notice and Interest-based Ads Notice.
Cancel

About this listen

Modern society relies heavily on software-based automation, implicitly trusting developers to write software that operates in the expected way and cannot be compromised for malicious purposes. While developers often perform rigorous testing to prepare the logic in software for surprising conditions, exploitable software vulnerabilities are still frequently based on memory issues. Examples include overflowing a memory buffer and leveraging issues with how software allocates and de-allocates memory.

Microsoft® revealed at a conference in 2019 that from 2006 to 2018 70 percent of their vulnerabilities were due to memory safety issues. [1] Google® also found a similar percentage of memory safety vulnerabilities over several years in Chrome®. [2] Malicious cyber actors can exploit these vulnerabilities for remote code execution or other adverse effects, which can often compromise a device and be the first step in large-scale network intrusions.

Commonly used languages, such as C and C++, provide a lot of freedom and flexibility in memory management while relying heavily on the programmer to perform the needed checks on memory references. Simple mistakes can lead to exploitable memory-based vulnerabilities. Software analysis tools can detect many instances of memory management issues and operating environment options can also provide some protection, but inherent protections offered by memory safe software languages can prevent or mitigate most memory management issues.

NSA recommends using a memory safe language when possible. While the use of added protections to non-memory safe languages and the use of memory safe languages do not provide absolute protection against exploitable memory issues, they do provide considerable protection. Therefore, the overarching software community across the private sector, academia, and the U.S. Government have begun initiatives to drive the culture of software development towards utilizing memory safe languages. [3] [4] [5]

©2023 Tom Brooks (P)2023 Tom Brooks
Programming Languages Software Software Development Programming
activate_Holiday_promo_in_buybox_DT_T2

Listeners also enjoyed...

Microservices with Kubernetes: Non-Programmer’s Handbook cover art
Computer Science 2.0 Beginners Crash Course cover art
Microservices Architecture Handbook: Non-Programmer's Guide for Building Microservices cover art
Cyber Intelligence Driven Risk cover art
The Ultimate Exam Prep A Comprehensive Study Guide for the AWS Certified Solutions Architect cover art
Zero Trust and Third-Party Risk cover art
SQL: The Ultimate and Simplifed Beginner's Guide to Mastery SQL Programming Step by Step - 2020 Edition cover art
Liquid Software cover art
Kubernetes Handbook: Non-Programmer’s Guide to Deploy Applications with Kubernetes cover art
Reactive Design Patterns cover art
Computer Networking First Step cover art
Essential CISA Exam Guide: Updated for the 26th Edition cover art
Cybersecurity for Beginners cover art
Prepare for the ISACA Certified Information Security Manager Exam cover art
CompTIA Security+ cover art
CISSP Exam Audio Study Guide! Practice Questions Edition! cover art

What listeners say about The NSA Tips: Software Memory Safety

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.