"The CERT Oracle Secure Coding Standard for Java" book covers the rules for secure coding using Java programming language. InfoQ spoke with book authors on how these rules can help Java developers.

Secure coding: Prevent unauthorized access through path traversal (CWE-22) CWE-22 describes the improper modification of a path name to a restricted directory. How can the vulnerability be addressed?

Oracle maintains a list of potential vectors for this type of problem in its Secure Coding Guidelines for Java SE document, under the “Denial Of Service” heading.

Secure Code Warrior has launched Missions - allowing developers to experience the impact of insecure code first hand, within a safe environment.

No software application can boast 100% security, but IT teams should always be looking for hidden threats that put their secure Java software stack in danger.

A group of secure-programming experts plans a series of documents that outline the skills coders need to write Web applications that are better able to withstand attacks.

News Rule of secure coding: 'See input as evil' By Jack Vaughan April 15, 2003 We recently asked security maven Steve Orrin to tell us some of the tenets of secure coding today. While this was once an ...

How do you know how good your in-house developers—or even more, your outsourced providers—are at producing secure code? Pretty much, you don’t. Enter the Secure Programming Council, a 40-organization ...

Plain text passwords waiting to be hacked Developers are still coding plain text passwords into their applications. Sometimes plain text passwords appear in the source code. Sometimes they’re stored ...