This web site exists to support the development of secure coding standards for commonly used programming languages such as C, C++, and Java. These standards are being developed through a broad-based community effort including the CERT Secure Coding Initiative and members of the software development and software security communities. For a further explanation of this project and tips on how to contribute, please see the Development Guidelines. As this is a development web site, many of the pages are incomplete or contain errors. If you are interested in furthering this effort, you may comment on existing items or send recommendations to secure-coding at cert dot org. You may also request privileges to directly edit content on the site. |
|
CERT has released the Java Concurrency Guidelines technical report that documents the portion of the CERT Oracle Secure Coding Standard for Java that are related to concurrency. |
|
|
Presentations on Secure Coding in C and C++ from the Software Development Best Practices 2008 Conference are available on the Secure Coding Initiative page.
The Top 10 Secure Coding Practices provides some language independent recommendations.
We would like to acknowledge the contributions of the following folks, and we look forward to seeing your name there as well.