CERT Secure Coding team, part of the Software Engineering Institute at Carnegie Mellon University, have recently released secure coding guidelines specific to Java's application in the Android ...

"The CERT Oracle Secure Coding Standard for Java" book covers the rules for secure coding using Java programming language. InfoQ spoke with book authors on how these rules can help Java developers.

No software application can boast 100% security, but IT teams should always be looking for hidden threats that put their secure Java software stack in danger.

Secure coding: Prevent unauthorized access through path traversal (CWE-22) CWE-22 describes the improper modification of a path name to a restricted directory. How can the vulnerability be addressed?

News Rule of secure coding: 'See input as evil' By Jack Vaughan April 15, 2003 We recently asked security maven Steve Orrin to tell us some of the tenets of secure coding today. While this was once an ...

A newly discovered zero-day vulnerability in the widely used Java logging library Apache Log4j is easy to exploit and enables attackers to gain full control of affected servers.

Secure software supply chain solution provider Chainguard Inc. today announced Chainguard Libraries, a new product line that offers secure language libraries for Java built directly from source in ...

A group of more than 360 organizations led by the SANS Institute will offer tests later this year designed to assess software developers' security skills. The goal: to stamp out common coding errors.

This article will show how to implement such a Java agent, which transparently will add entry and exit logging to all methods in all your classes with the standard Java Logging API. The example ...