New body offers to secure Java programming


New body offers to secure Java programming

Ian Grant

More than 40 global user firms have set up a standard to test secure programming skills for Java programmers. This follows last month's move by software suppliers under the SafeCode initiative.

The group, the Secure Programming Council, has just completed its first consensus document, "Essential Skills for Secure Programmers Using Java/JavaEE," and is making the document available for public comment for 60 days. Once it has incorporated comment, the SPC will publish the document for all programmer training schools to use.

SPC members are mostly managers from large organisations who want their staff to use tools and training to ensure that new and existing applications that they develop do not have security flaws, whether built in-house, outsourced, or at commercial software companies.

Any firm will be able to use SPC's set of standardised tests that measure these essential skills in-house to find gaps in programmer skills, and to assess job candidates, consultants, and outsourcing organisations. A key concern is to prevent attacks that use cross-site scripting and SQL injection techniques.

The tests will run in London on 5 December, in Washington DC on 12 December, and in 15 other cities in the US and Europe over the next eight months.

Parallel examinations are also available for on-line administration inside large organisations. Additional data about the tests can be seen at

Related Topics: Web software, VIEW ALL TOPICS

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy