News

New body offers to secure Java programming

Ian Grant

More than 40 global user firms have set up a standard to test secure programming skills for Java programmers. This follows last month's move by software suppliers under the SafeCode initiative.

The group, the Secure Programming Council, has just completed its first consensus document, "Essential Skills for Secure Programmers Using Java/JavaEE," and is making the document available for public comment for 60 days. Once it has incorporated comment, the SPC will publish the document for all programmer training schools to use.

SPC members are mostly managers from large organisations who want their staff to use tools and training to ensure that new and existing applications that they develop do not have security flaws, whether built in-house, outsourced, or at commercial software companies.

Any firm will be able to use SPC's set of standardised tests that measure these essential skills in-house to find gaps in programmer skills, and to assess job candidates, consultants, and outsourcing organisations. A key concern is to prevent attacks that use cross-site scripting and SQL injection techniques.

The tests will run in London on 5 December, in Washington DC on 12 December, and in 15 other cities in the US and Europe over the next eight months.

Parallel examinations are also available for on-line administration inside large organisations. Additional data about the tests can be seen at www.sans.org/gssp.




Related Topics: Web software, VIEW ALL TOPICS

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy