
if you could only pick one secure coding book

 
Jeanne Boyarsky
author & internet detective
Between "Java Coding Guidelines" and its predecessor "The CERT Oracle Secure Coding Standard for Java", which one do you recommend people buy and why? And no saying "both."

In my review, I note that I like the latter slightly better. But it was a lot closer than I thought it would be.
 
David Svoboda
Author
Hi, Jeanne. Thanks for the great review!
This is a trick question, right? You're trying to get me to admit that one book is less worthwhile, right?

So my answer is: it depends.
If your goal is to make yourself a better programmer, buy Java Coding Guidelines.
If your goal is to make your code more secure, buy The CERT Oracle Secure Coding Standard for Java.
 
Dhruv Mohindra
Author
Hi Jeanne,
Thanks for your great reviews!

Jeanne Boyarsky wrote: Between "Java Coding Guidelines" and its predecessor "The CERT Oracle Secure Coding Standard for Java", which one do you recommend people buy and why? And no saying "both."


One book contends in the heavyweight category while the other contends for the lightweight title!

I'd recommend the lightweight "Java Coding Guidelines" book because of the more intuitive classification of guidelines which gives you a feel of the message we are trying to get across. If you like what you see here, chances are that you would want to delve deeper into Java's rich set of features in which case you can look at the predecessor, "The CERT Oracle Secure Coding Standard for Java". The predecessor book groups together secure programming best practices by Java's various features and can be particularly useful for readers who want to understand how to use those features correctly and securely. Using them in conjunction can be quite effective too.
 
Jeanne Boyarsky
author & internet detective
David,
Not a trick question. I wanted to see how you compare them. And I really like your answer because it shows WHY you'd buy each one. Dhruv too but yours was more succinct.
 