This talk describes a “recipe” for developing compiler-backed secure programming models that eliminate entire classes of memory-safety security vulnerabilities in C-based languages. We will explain how we used this recipe to design Clang’s -fbounds-safety language extension, Clang’s -Wunsafe-buffer-usage programming model and the Clang Static Analyzer’s WebKit smart pointer checks. We will also describe the need for new Clang-based static analysis infrastructure to enable faster, lower-developer-cost adoption of these programming models.