Java Security Resource Center

Java Logo
Java shield logo 128x128

What's New


JavaOne 2015 Call for Proposals is now open

JavaOne 2015 runs from October 25 - 29th in San Francisco, CA. The call for proposals is currently open through April 29th (inclusive). This is the third year for a dedicated Security track at Java One and last year it experienced strong attendance.  As we look to expand the breadth of the track we'd like to invite you to make a submission on this, or any of the many other topics.  Submit your talk.

Security for developers

Developers creating secure applications with Java should familiarize themselves with the following resources:

Advanced Management Console

The Advanced Management Console helps system administators manage old Java versions by which applications need which older Java version. The Advanced Management Console decreases the attack surface of those older versions by limiting their exposure and maintaining compatibility with known-safe applications.

Security for System Administrators

System Administrators are responsible for running Java applications in a secure manner, following principle of least privilege, and staying up to date with Java’s secure baseline (either for standard Java SE or the Server JRE).

Security for END Users

End Users running Java on their computers only need a few steps to verify and understand Java security on their devices:

Security for Security Professionals

Security Professionals performing system auditing, threat modeling, architecture, or code reviews of Java applications should familiarize themselves with Java’s security architecture and API documentation.

Left Curve
Java SDKs and Tools
Right Curve
Left Curve
Java Resources
Right Curve
Virtual Tech Summit Multidate Banner

VTS OnDemand RHS Banner

Java SE Advanced Best Practices WebCast

Duke's Choice RHS Banner

JavaOne 2014 Replay banner