Secure coding guidelines ...

Security Development Lifecycle (SDL) is a software development process that helps developers build more secure software and address security compliance requirements while reducing development cost.

Common Secure Coding Guidelines:

1. Input Validation
2. Output Encoding
3. Authentication and Password Management (includes secure handling of credentials by external services/scripts)
4. Session Management
5. Access Control
6. Cryptography Practices
7. Error Handling and Logging
8. Data Protection
9. Communication Security
10. System Configuration
11. Database Security
12. File Management
13. Memory Management
14. General Coding Practices

Secure Coding Books:

1. The CERT Oracle Secure Coding Standard for Java (SEI Series in Software Engineering) 
2. Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs (SEI Series in Software Engineering)
3. Secure Coding in C and C++ (SEI Series in Software Engineering)

ref:

1. OWASP Security Reference Guide -

• https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide
• https://www.owasp.org/images/0/08/OWASP_SCP_Quick_Reference_Guide_v2.pdf
• https://www.owasp.org/index.php/OWASP_Java_Table_of_Contents#J2EE_Security_for_Developers
• https://security.berkeley.edu/content/application-software-security-guidelines
• https://www.owasp.org/index.php/Java_leading_security_practice

2. Java coding guidelines - 

• carnegie mellon university Android coding guidelines -  https://www.securecoding.cert.org/confluence/display/android/Android+Secure+Coding+Standard
• carnegie mellon university ‘oracle coding standard for java’ - https://www.securecoding.cert.org/confluence/display/java/Java+Coding+Guidelines
• carnegie mellon university ‘oracle coding standard for java synchronization ’ - https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=1858104, https://www.securecoding.cert.org/confluence/display/java/SEI+CERT+Oracle+Coding+Standard+for+Java
• Java Thread synchronization - https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=18581044

3. Oracle's Java Security guidelines -

• http://www.oracle.com/technetwork/java/seccodeguide-139067.html
• http://docs.oracle.com/cd/E26502_01/html/E29016/scode-1.html

4. Java Security guidelines videos - 

• https://www.youtube.com/watch?v=08gdSEeeiS4
• https://www.youtube.com/watch?v=PJaQM1UpdRQ

5. Twelve rules for developing more secure Java code - http://www.javaworld.com/article/2076837/mobile-java/twelve-rules-for-developing-more-secure-java-code.html

6. Security Development Life Cycle(SDL) - 

• https://msdn.microsoft.com/en-us/library/windows/desktop/84aed186-1d75-4366-8e61-8d258746bopq.aspx
• https://msdn.microsoft.com/en-us/library/windows/desktop/ee663293(v=vs.85).aspx