Java security rule #2: Avoid serialization This is another coding tip, but it’s important enough to be a rule of its own.

"The CERT Oracle Secure Coding Standard for Java" book covers the rules for secure coding using Java programming language. InfoQ spoke with book authors on how these rules can help Java developers.

Traditionally this means using a logging framework like log4j or the Java Logging API, and then writing and maintaining all necessary log statements manually. This is very tedious and error-prone ...

Java NIO provides modern APIs for file operations, including path manipulation and validation. Path and files: Use java.nio.file.Path and java.nio.file.Files for secure file operations.

No software application can boast 100% security, but IT teams should always be looking for hidden threats that put their secure Java software stack in danger.

Java platform provider Azul and container security company Chainguard have formed a strategic partnership to deliver secure container images for Java applications, addressing enterprise concerns about ...

U.S. organizations that fail to secure customer data against Log4Shell, a zero-day vulnerability in the widely used Log4j Java logging library, could face legal repercussions, the Federal Trade ...