Secure Code Development and Lessons Learned from etcd Security Audit

Explore secure code development practices and insights from the etcd security audit in this conference talk. Gain valuable knowledge about common overlooked areas in code that pose security risks, ranging from general weaknesses to critical threats. Learn from project maintainers as they share their experience leading a third-party security audit of the etcd project. Discover the importance of secure coding for open-source projects and understand the combination of manual steps and automated tools required for effective security checks. Walk through reported security vulnerabilities from the audit work and understand their implications. Delve into critical areas of focus, code analysis techniques, the etcd security model, and the significance of proper documentation in maintaining secure systems.

Introduction
Agenda
Critical Areas
Code Analysis
About etcd
etcd Security Model
Documentation
Conclusion