Embracing an Adversarial Mindset for C++ Security Amanda Rousseau 9/18/2024 This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY1 cross-org issues to combat a whole bug class 15% ● Writing tools to help with discovery 4%Adversarial Mindset Not taught in traditional institutionsThinking Like an Adversary Challenging assumptions Creatively libraries: • clang_rt.fuzzer_no_main-x86_64.lib • libsancov.libImportance of a security-focused mindset Considering security from the start of a project Threat modeling at the design stage Know the

The Outward Mindset Think about: The People in your life you most like Your Best Boss The person who Inspires you to do your best The acquaintance you most respect KCPD Swat Team Taking criminals down Share? Inward Mindset How can this affect a Contract proposal process. i.e. What do I need to do to win business vs What do I need to do to provide value to the warfighter Inward mindset at work “Nice” “Nice” inward mindset Outward mindset CFS2 – Debt Collection. Berate Debtors until they pay vs Find help for Clients so that they can pay San Antonio Spurs 13/20 in 1st place -Players who have “gotten

successful companies are often those who treat it as a new paradigm. This leads to an experimental 
 mindset and an iterative approach that gets to value faster and with greater buy-in from 
 users and stakeholders apply across all markets. The common theme: AI deployment benefits from an open, experimental mindset, backed by rigorous evaluations, and safety guardrails. The companies seeing success aren’t rushing

complicated... Choose the smallest amount of work that you can write a test for "Engineering" mindset "Hacking" mindset Courtesy of Phil Nash 82TDD is difficult... Takes dedicated practice Requires a new

together Instant evaluation Grow furtherTransformation Resistance low with others Contagious Mindset Each others’ support Let’s try it out!Quality Ownership Knowledge Evolution Transformations

business outcomes rather than operating an order-taking function. This shift in organizational mindset is critical to any successful technology transformation but requires substantial changes in behavior

about what characteristics such a model should have in order to both take advantage of the Agile mindset and remain consistent with it.  the investment decision and the oversight process would form a

also affect compiler optimizations! 65 skewed profiling is still useful, but requires a different mindset Gotchas Beware excessive instrumentation!• just wait a little bit more (host application may not

92Programming with a value-based language • In a reference-based language like C# or Java, the mindset is different • One gets indirect access by default for class instances • Objects are zeroed by

Models Outlook Summary Abstract Conceptually: std::simd types express data-parallelism. Wrong mindset: std::simd types are specific SIMD registers. Which is why I prefer to call them “data-parallel