CERT-SEI

Secure Coding Products & Services

The CERT Division offers training in secure coding and source code conformance testing using SCALe.

Secure Coding Training

The following courses are related to our work in secure coding:

  • Secure Coding in C and C++ is a four-day course offered by the CERT Division of the SEI. The course covers common programming errors in C and C++ in detail, as well as how these errors can lead to code that is vulnerable to exploitation.
  • The Java Workshop is offered by the CERT Division on request. In this workshop, secure coding experts work with your technical staff to improve their secure use of Java. Contact us to request a Java workshop at your site.
  • A Secure Coding course, developed by a team led by Robert Seacord, is available through Carnegie Mellon's Open Learning Initiative. This course addresses a key need in professional education for software developers. Topics covered include the secure and insecure use of integers, arrays, strings, dynamic memory, formatted input/output functions, and file I/O. Continued development is being funded by partnerships with industry.

SCALe

The CERT Division's Source Code Analysis Laboratory (SCALe) offers conformance testing of C and Java language software systems against the CERT C Secure Coding Standard and the CERT Oracle Secure Coding Standard for Java.