Skip to Content
Hands-On Security in DevOps
book

Hands-On Security in DevOps

by Tony Hsiang-Chih Hsu
July 2018
Intermediate to advanced
356 pages
9h 18m
English
Packt Publishing
Content preview from Hands-On Security in DevOps

Secure compiling

Memory corruption and buffer overflow may result in exploit code injection attacks. For the C/C++ programming language, these can be protected by compiler options. By a properly secured configuration of a C/C++ compiler (GCC, MS Visual Studio), the application will be able to add an additional layer of runtime defenses against exploit code injection attacks. These are also mostly ignored by a development team. The common secure options are summarized in the following table:

Protection techniques
Secure options
OS/Compiler
Address Space Layout Randomization (ASLR)

echo 1 >/proc/sys/kernel/randomize_va_space

Android, Linux OS
Stack-based buffer overrun protection

-fstack-protector

–fstack-protector-all ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Securing DevOps

Securing DevOps

Julien Vehent
Kubernetes Security

Kubernetes Security

Liz Rice, Michael Hausenblas
Three Essentials for Agentic AI Security

Three Essentials for Agentic AI Security

Paolo Dal Cin, Daniel Kendzior, Yusof Seedat, Renato Marinho
Security Automation with Ansible 2

Security Automation with Ansible 2

Akash Mahajan, MADHU AKULA

Publisher Resources

ISBN: 9781788995504Other