"The CERT Oracle Secure Coding Standard for Java" book covers the rules for secure coding using Java programming language. InfoQ spoke with book authors on how these rules can help Java developers.

Although secure coding practices are widely available, developers still frequently make security mistakes. The more developers that know about threat aversion, the more likely it is that the ...

Industry group issues “essentials” for developing safe code A group of secure-programming experts plans a series of documents that outline the skills coders need to write Web applications that ...

Secure coding: Prevent unauthorized access through path traversal (CWE-22) CWE-22 describes the improper modification of a path name to a restricted directory. How can the vulnerability be addressed?

It’s true that Java has fewer identified vulnerabilities than some other commonly used languages. It’s also true that some newer languages appear more secure than Java, at least at first glance.

No software application can boast 100% security, but IT teams should always be looking for hidden threats that put their secure Java software stack in danger.

New research from software security specialist Fortify reveals that bugs are far less common in Java compared with commercial C/C++ code ...

Scripting for More Secure Java Code Because she works on a DevSecOps team, Boyarsky thinks a lot about process automation across enterprises with many teams.

Nearly half (45%) of AI-generated code contains security flaws despite appearing production-ready, new research from Veracode has found.

Java platform provider Azul and container security company Chainguard have formed a strategic partnership to deliver secure container images for Java applications, addressing enterprise concerns about ...