"The CERT Oracle Secure Coding Standard for Java" book covers the rules for secure coding using Java programming language. InfoQ spoke with book authors on how these rules can help Java developers.

Look for vulnerabilities in your code, take advantage of the Java security APIs and packages, and use third-party tools to monitor and log your code for security issues.

The Java paper is open for public comment until Dec. 1 at [email protected]. While secure-programming can help, it’s not enough, Paller notes.

October 1, 2014—While conducting the research that produced The CERT® Oracle® Coding Standard for Java, the Secure Coding Team in the CERT Division of the Software Engineering Institute at ...

Nearly half (45%) of AI-generated code contains security flaws despite appearing production-ready, new research from Veracode has found.

Amazon Web Services' automated code review helps developers find serious security issues in Java and Python applications. Written by Liam Tung, Contributing Writer Feb. 16, 2022, 4:21 a.m. PT ...

Of course, the best way to avoid plain text passwords from being accessed by crafty hackers is simply to not include passwords in the secure Java code base. Many resources that are accessed at runtime ...

Thinking the problem might be access related, security permissions are incrementally reduced until the code in production works. After a victory dance, the well intended DevOps personnel who ...

The usage of the nasty vulnerability in the Java logging library Apache Log4j that allowed unauthenticated remote code execution could have kicked off as early as December 1. "Earliest evidence we ...

A critical flaw in a popularly used Java library is being exploited by malicious actors to deliver malware, while security researchers are scanning for vulnerable servers. The flaw and a proof-of ...