Welcome to the Secure Coding Web Site
This web site exists to support the development of secure coding standards for commonly used programming languages such as C and C++. These standards are being developed through a broad-based community effort including the CERT Secure Coding Initiative and members of the software development and software security communities. For a further explanation of this project and tips on how to contribute, please see the Development Guidelines.
As this is a development web site, many of the pages are incomplete or contain errors. If you are interested in furthering this effort, you may comment on existing items or send recommendations to secure-coding at cert dot org. You may also apply for an account to directly edit content on the site. Before using this site, please familiarize yourself with the Terms and Conditions.
Upcoming Events
We are providing training in Secure Coding in C and C++ at SANSFire 2007 in Washington D.C. on Wednesday, July 25, 2007 and at SANS Network Security 2007 in Las Vegas Saturday, September 29, 2007 - Sunday, September 30, 2007.
The Top 10 Secure Coding Practices provides some language independent recommendations.
Secure Coding Standards
CERT C Programming Language Secure Coding Standard
CERT C++ Programming Language Secure Coding Standard
We would like to acknowledge the contributions of the following folks, and we look forward to seeing your name there as well.