An essential element of secure coding in the Java programming language is a well-documented and enforceable coding standard. The CERT Oracle Secure Coding Standard for Java provides rules for secure coding in the Java programming language. The goal of these rules is to eliminate insecure coding practices that can lead to exploitable vulnerabilities. The application of the secure coding standard leads to higher quality systems that are safe, secure, reliable, dependable, robust, resilient, available, and maintainable and can be used as a metric to evaluate source code for these properties (using manual or automated processes).

This coding standard affects the wide range of software systems developed in the Java programming language.

Rule: Scope

Rule: Audience

Rules and Recommendations

Rule: Contents and Organization

Rule: Identifiers

Rule: Usage

Rule: System Qualities

Rule: Priority and Levels

Rule: Automatically Generated Code

Rule: Conformance Testing

Rule: Tool Selection and Validation

Rec.: Tool Selection and Validation