Using program instrumentation to identify security bugs (Oπe\n conf 2020)
On November 7, 2020 I had the pleasure of doing a gentle introduction to program instrumentation to an audience of mostly developers at the "Oπe\n conf 2020" conference. The presentation showed how instrumentation could be used to identify security bugs in software, but also how to protect production binaries from exploitation through program instrumentation.
Due to the limited time available for the presentation, I did not go into much detail on other uses of instrumentation or how to write your own instrumentation etc. Such topics are better covered by the set of presentations we had done with colleague Dimitris Tatsis at FOSSCOMM 2018. Having said that, this presentation serves as a good intro for developers who wish to understand how instrumentation fits into the SDLC and some of the tools that are available today as open source technologies for program instrumentation.
The related presentation material can be found below:
I would like to thank the organizers and session host for the event, and hope to meet everyone again next year.