Secure software development concepts and methods. Memory-based attacks, such as buffer overflow, code injection, format string attacks. Defenses against memory-based attacks, such as memory safety, type safety, control-flow integrity and secure coding. Web security including SQL injection, session hijacking, cross-site scripting. Designing and building secure software by including security in all phases of software development lifecycle. Automated code review with static analysis and symbolic execution.
