Secure Coding

Tutorials and training on how to build secure applications using the latest in secure and defensive programming strategies.

In this session, we'll give a demonstration of using a centralized authentication service to secure many different microservices. The demo will be based on Project Keycloak, but it would apply as well to Stormpath, Ping Identity, or similar services.

Steven Pousty
Red Hat Developer Alumnus

What is Secure Coding?

Secure coding is a set of technologies and best practices for making software as secure and stable as possible. It encompasses everything from encryption, certificates, and federated identity to recommendations for moving sensitive data, accessing a file system, and managing memory. Although the security landscape is always changing, secure coding tries to make building secure software more of a science than an art. 

Free Best Practices Guide for Defensive Coding

Writing secure code should be top of mind, especially given the number of application security breaches that find their way into the news. A critical first step is learning important secure coding principles and how they can be applied so you can code with security in mind. The Fedora Project's Defensive Coding Guide provides guidelines for improving software security through secure coding. It covers common programming languages and libraries, and focuses on concrete recommendations.

  • The first part of the book contains useful tips for seven programming languages, such as C++, Java, or Go.
  • Part two is dedicated to secure coding principles from manipulating files to processes.
  • Part three offers tips for authentication, authorization, cryptographic protocols, hardware security modules, and smart cards.

The Latest on Secure Coding & Security

Detecting memory management bugs with GCC 11, Part 2: Deallocation functions

May 5, 2021

The first half of this article described dynamic memory allocation in C and C++, along with some of the new GNU Compiler Collection (GCC) 11 features that help you detect errors in dynamic allocation. This second half completes the tour of GCC 11 features in this area and explains where the detection mechanism might report […]

Enhance application security by rotating 3scale access tokens

April 29, 2021

In Red Hat 3scale API Management, access tokens allow authentication against the 3scale APIs. An access token can provide read and write access to the Billing, Account Management, and Analytics APIs. Therefore, ensuring you are handling access tokens carefully is paramount. This article explains how to enhance security by making access tokens ephemeral. By the […]

Integrate Red Hat Data Grid and Red Hat's single sign-on technology on Red Hat OpenShift

April 23, 2021

Using Red Hat Data Grid as an external cache for Red Hat’s single sign-on technology makes it possible for Data Grid to store data independent of the application layer. This way, Data Grid provides application elasticity, failover across data centers, and a reduced memory footprint. The most common use case for this combination is cross-datacenter […]

Broadening compiler checks for buffer overflows in _FORTIFY_SOURCE

April 16, 2021

Buffer overruns are by far the most common vulnerability in C or C++ programs, and a number of techniques have come up over the years to detect overruns early and abort execution. The _FORTIFY_SOURCE macro, provided by the GNU C Library, helps mitigate a number of these overruns and is widely deployed in Red Hat […]

Vulnerability analysis for Golang applications with Red Hat CodeReady Dependency Analytics

April 15, 2021

Red Hat CodeReady Dependency Analytics, powered by Snyk Intel Vulnerability database, helps developers find, identify, and fix security vulnerabilities in their code. In the latest 0.3.2 release, we focused on supporting vulnerability analysis for Golang application dependencies, providing easier access to vulnerability details uniquely known to Snyk, and other user experience improvements. Vulnerability analysis for […]
