Play AppSec WarGames
Want to skill-up in secure coding and AppSec? Try SecDim Wargames to learn how to find, hack and fix security vulnerabilities inspired by real-world incidents.
Go 1.18 comes with two exciting security features
It is exciting for me to see two new (security) features that will be added to Go. This will shift the language security to a new level:
-
Fuzzing as a first class citizen: after seeing the value of fuzzing and volume of hard-to-find bugs discovered (see go-fuzz), there is proposal to add fuzzing to go binary. This means you can
go fuzzsimilar togo test. -
Support for type parameters: Making Unsafe Behaviour Impossible is one the Defensive Programming principles that we cover in our workshops. However, implementation of the principle without phantom types is difficult and relies on third-party libraries. This proposal supersed the previous Design by Contact and can natively enforce safe behaviours (e.g. function call).
Go 1.18 will be released sometimes in early 2022.
