Secure Coding Rules For Java Part I



Secure Coding Rules for Java, Part I



Author: Robert Seacord

language: en

Publisher:

Release Date: 2015







6+ Hours of Video Instruction

Overview: Java Professional Development LiveLessons provides developers with practical guidance for developing Java programs that are robust and secure. These LiveLessons complement The CERT Oracle Secure Coding Standard for Java.

Description: In this video training, Robert provides complementary coverage to the rules in The CERT Oracle Secure Coding Standard for Java, demonstrating common Java programming errors and their consequences using Java 8 and Eclipse. Robert describes language behaviors left to the discretion of JVM and compiler implementers and guides developers in the proper use of Java's APIs including lang, util, Collections, Concurrency Utilities, Logging, Management, Reflection, Regular Expressions, Zip, I/O, JMX, JNI, Math, Serialization, and JAXP.

About the Instructor: Robert C. Seacord is the secure coding technical manager in the CERT Division of Carnegie Mellon's Software Engineering Institute (SEI) in Pittsburgh, Pennsylvania. Robert is also a professor in the Institute for Software Research and the Information Networking Institute at Carnegie Mellon University. He is the author of eight books on software development including The CERT® Oracle® Secure Coding Standard for Java™ (Addison-Wesley, 2012) and Java™ Coding Guidelines: 75 Recommendations for Reliable and Secure Programs (Addison-Wesley, 2013). He has also published more than sixty papers on software security, component-based software engineering, web-based system design, legacy-system modernization, component repositories and search engines, and user interface design and development.

Skill Level: Advanced

What You Will Learn: How to perform common Java language programming tasks correctly. How to avoid programming errors that are not detected or reported by the compiler. How to develop programs that are robust, reliable, secure, and fast.

Who Should Take This Course: Java developers who wish to make the transition from a skilled amateur to a software professional capable of developing code that has to work.

Course Requirements: Understanding of programming and development; Experience with Java programming; Familiarity with Eclipse

Table of Contents, Part I (of III): Introduction; Lesson 1: Java Security Concepts; Lesson 2: Input Validation and Data Sanitization (IDS); Lesson 3: Declarations and Initialization (DCL); Lesson 4: Expressions (EXP); Lesson 5: Numeric Types and Operations (NUM); Lesson 6: Characters and Strings (STR); Summary Part I...

Secure Coding Rules for Java



Author: Robert Seacord

language: en

Publisher:

Release Date: 2018







3+ Hours of Video Instruction

Secure Coding Rules for Java: Serialization LiveLessons provides developers with practical guidance for securely implementing Java Serialization.

Overview: Secure coding expert Robert C. Seacord trains developers to understand Java serialization and the inherent security risks. Seacord also demonstrates how to securely implement serializable classes and evaluate mitigation strategies and alternative solutions. Java deserialization is an insecure language feature that is widely used both directly by applications and indirectly by Java modules and libraries. Deserialization of untrusted streams can result in remote code execution (RCE), denial-of-service (DoS), and a range of other exploits. Applications can be vulnerable to these attacks even when they are free from coding defects.

Related Titles: Secure Coding Rules in Java: Part 1 LiveLessons (Video); The CERT Oracle Secure Coding Standard for Java (Book); Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs (Book)

About the Instructor: Robert C. Seacord is a Technical Director with NCC Group where he works with software developers and software development organizations to eliminate vulnerabilities resulting from coding errors before they are deployed. Previously, Robert led the secure coding initiative in the CERT Division of Carnegie Mellon University's Software Engineering Institute (SEI). Robert is also an adjunct professor in the School of Computer Science and the Information Networking Institute at Carnegie Mellon University. Robert is the author of six books, including The CERT C Coding Standard, Second Edition (Addison-Wesley, 2014), Secure Coding in C and C++, Second Edition (Addison-Wesley, 2013), The CERT Oracle Secure Coding Standard for Java (Addison-Wesley, 2012), and Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs (Addison-Wesley, 2014). Robert is on the Advisory Board for the Linux Foundation and an expert on the ISO/IEC JTC1/SC22/WG14 international standardization working group for the C programming language.

Skill Level: Advanced

Learning objectives: Understand Java object serialization; Understand serialization security risks; Understand deserialization vulnerabilities; How to securely implement serializable classes; Evaluate migration strategies; Evaluate alternative solutions

Who Should Take This Course: Experienced Java developers

Course Requirements: Understanding of programming and development; Expe...

Java Coding Guidelines



Author: Fred Long

language: en

Publisher: Addison-Wesley

Release Date: 2013-08-23







“A must-read for all Java developers. . . . Every developer has a responsibility to author code that is free of significant security vulnerabilities. This book provides realistic guidance to help Java developers implement desired functionality with security, reliability, and maintainability goals in mind.” –Mary Ann Davidson, Chief Security Officer, Oracle Corporation

Organizations worldwide rely on Java code to perform mission-critical tasks, and therefore that code must be reliable, robust, fast, maintainable, and secure. Java™ Coding Guidelines brings together expert guidelines, recommendations, and code examples to help you meet these demands.

Written by the same team that brought you The CERT® Oracle® Secure Coding Standard for Java™, this guide extends that previous work’s expert security advice to address many additional quality attributes. You’ll find 75 guidelines, each presented consistently and intuitively. For each guideline, conformance requirements are specified; for most, noncompliant code examples and compliant solutions are also offered. The authors explain when to apply each guideline and provide references to even more detailed information.

Reflecting pioneering research on Java security, Java™ Coding Guidelines offers updated techniques for protecting against both deliberate attacks and other unexpected events. You’ll find best practices for improving code reliability and clarity, and a full chapter exposing common misunderstandings that lead to suboptimal code.

With a Foreword by James A. Gosling, Father of the Java Programming Language