Secure Coding

Episode description

Matthew Butler is a security researcher who has been using C++ professionally since 1990. He has spent the past three decades as a systems architect and software engineer developing systems for network security, law enforcement and national defense. He primarily works in signals intelligence and security on platforms ranging from embedded micro-controllers to FPGAs to large-scale, real-time platforms.

He is on the staff of both CppCon and C++Now as well as a member of the C++ Standards Committee. He spends most of his time in EWG, SG12 (Undefined Behavior and Vulnerabilities), SG14 (Low Latency) and, now, SG21 (Contracts). He is also a member of WG23 (Programming Language Vulnerabilities).

He prefers the role of predator when dealing with hackers and lives in the Rocky Mountains with his wife and daughter.

• What happened to C++20 Contracts?
• Fixing C++ with epochs
• Child Care at CppCon

• Matt Butler's Blog

• CppCon 2018: Matthew Butler "Secure Coding Best Practices: Your First Line is the Last Line of Defense"
• C++Now 2019: Matthew Butler "Secure Coding Best Practices - Threat Hunting"
• P1705 - Enumerating Undefined Behavior

• Errors that static code analysis does not find because it is not used
• PVS-Studio in the Clouds - Running the Analysis on Travis CI

• @robwirving
• @lefticus