You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 71 Next »

Welcome to the Secure Coding Web Site

This web site exists to support the development of secure coding standards for commonly used programming languages such as C and C++. These standards are being developed through a broad-based community effort including the CERT Secure Coding Initiative and members of the software development and software security communities. For a further explanation of this project and tips on how to contribute, please see the Development Guidelines.

As this is a development web site, many of the pages are incomplete or contain errors. If you are interested in furthering this effort, you may comment on existing items or send recommendations to secure-coding at cert dot org. You may also apply for an account to directly edit content on the site. Before using this site, please familiarize yourself with the Terms and Conditions.

The CERT Sun Microsystems Secure Coding Standard for Java

CERT and Sun Microsystems has released The CERT Sun Microsystems Secure Coding Standard for Java.

The rules and recommendations are not globally editable, but anyone is able to add comments, and qualified individuals can be added as editors.

We are depending on the active involvement of the Java community (you) to make this effort a success. We invite you to participate in this effort by reviewing content in the Java space and providing comments, or by contributing new rules and recommendations for secure Java coding. These can be included as comments or emailed to secure-coding at cert dot com.

Java is a trademark or registered trademark of Sun Microsystems, Inc. in the US and other countries.

The CERT C Secure Coding Standard

Version 1.0 of The CERT C Secure Coding Standard is now available as a book from Addison-Wesley. This official release can be used as a fixed point of reference for the development of compliant applications and source code analysis tools.

Development of the next version of the CERT C Secure Coding Standard is being performed here on the secure coding wiki. This version is a work-in-progress and reflects the current thinking of the secure coding community. Subsequent official releases of this standard will be issued as dictated by the needs and interests of the secure software development community.

The Top 10 Secure Coding Practices provides some language independent recommendations.

Secure Coding Standards

CERT C++ Secure Coding Standard

The CERT Sun Microsystems Secure Coding Standard for Java

We would like to acknowledge the contributions of the following folks, and we look forward to seeing your name there as well.

  • No labels