Secure Coding Products & Services
The CERT Division offers training in secure coding and source code conformance testing using SCALe.
Secure Coding Certificate Program & Training
The CERT Secure Coding Professional Certificate Program will help you to train your organization's teams to eliminate vulnerabilities during development, which can reduce the total cost of repairing the code versus making the repairs afterwards.
The following courses are part of the certificate program:
- Secure Coding in C and C++ provides practical advice on secure practices in C and C++ programming. Producing secure programs requires secure designs. However, even the best designs can lead to insecure programs if developers are unaware of the many security pitfalls inherent in C and C++ programming. This course provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to code that is vulnerable to exploitation.
- Secure Coding in Java is a four-day course that provides a detailed explanation of common programming errors in Java and describes how these errors can lead to code that is vulnerable to exploitation. The course concentrates on security issues intrinsic to the Java programming languages and associated libraries. The intent is for this course to be useful to anyone involved in developing secure Java programs regardless of the specific application.
Consulting Service for Optimizing Your Code Analysis Framework
Our CERT Secure Coding experts provide advice on how to optimize your system for analyzing code by strategically using multiple analyzer tools to discover more code flaws and by optimizing costly work with diagnostics by analysts. Contact us to request this service.
The CERT Division's Source Code Analysis Laboratory (SCALe) offers conformance testing of C and Java language software systems against the CERT C Secure Coding Standard and the CERT Oracle Secure Coding Standard for Java.
You can contribute to the CERT Secure Coding Standards wiki to help develop standards that work in the real world.
Talk to Our Assessment Experts
Our SCALe conformance experts can assess how well your organization's security-related practices compare to our secure coding best practices.