David Sankel_大规模安全 C++：纵深防御策略.pdf

《David Sankel_大规模安全 C++：纵深防御策略.pdf》由会员分享，可在线阅读，更多相关《David Sankel_大规模安全 C++：纵深防御策略.pdf（30页珍藏版）》请在三个皮匠报告上搜索。

1、 2025 Adobe.All Rights Reserved.2025 Adobe.All Rights Reserved.2025 Adobe.All Rights Reserved.2025 Adobe.All Rights Reserved.2025 Adobe.All Rights Reserved.Safe C+at Scale A Defense in Depth Strategy大规模C+安全实践:纵深防御策略David Sankel|Principal ScientistImage generated with Adobe FireflySecure C+at Scale A

2、 Defense in Depth Strategy大规模C+安全实践:纵深防御策略David Sankel|Principal ScientistImage generated with Adobe Firefly 2025 Adobe.All Rights Reserved.2024 Adobe.All Rights Reserved.Adobe Confidential.Who am I?自我介绍Principal Scientist at Adobe/Adobe 首席科学家Leading the Tech Foundations Group 管理一个技术基础团队Also lead So

3、ftware Technology Lab 以及一个软件技术实验室C+Standardization Committee(WG21)/C+标准委员会(WG21)10 years experience on the committee 10 年委员会工作经验Contributed to std:variant,std:inplace_vector,reflection,and many other aspects of the language 为std:variant、std:input_vector、反射和C+语言的许多其他方面做出了贡献Director,Boost Foundation/B

4、oost 基金会负责人Current State of Security当前的安全形势9 2025 Adobe.All Rights Reserved.Vulnerability Root Causes/缺陷的根本原因70%76%70%94%67%30%24%30%33%MicrosoftGoogle AndroidGoogle Chromium6%Mozilla CriticalTotal Zero-Day Vulnerabilities(2021)OtherMemory Safety 2025 Adobe.All Rights Reserved.Vulnerability Root Cau

5、ses/缺陷的根本原因70%76%70%94%67%30%24%30%33%MicrosoftGoogle AndroidGoogle Chromium6%Mozilla CriticalTotal Zero-Day Vulnerabilities(2021)OtherMemory Safety 2025 Adobe.All Rights Reserved.Vulnerability Root Causes/缺陷的根本原因70%76%70%94%67%30%24%30%33%MicrosoftGoogle AndroidGoogle Chromium6%Mozilla CriticalTota

6、l Zero-Day Vulnerabilities(2021)OtherMemory Safety 2025 Adobe.All Rights Reserved.Vulnerability Root Causes/缺陷的根本原因70%76%70%94%67%30%24%30%33%MicrosoftGoogle AndroidGoogle Chromium6%Mozilla CriticalTotal Zero-Day Vulnerabilities(2021)OtherMemory Safety 2025 Adobe.All Rights Reserved.Vulnerability Ro