Hi, Jeanne. Thanks for the great review!
This is a trick question, right? You're trying to get me to admit that one book is less worthwhile, right?
So my answer is: it depends.
If your goal is to make yourself a better programmer, buy Java Coding Guidelines.
If your goal is to make your code more secure, buy The CERT Oracle Secure Coding Standard for Java.
Jeanne Boyarsky wrote: Between "Java Coding Guidelines" and its predecessor "The CERT Oracle Secure Coding Standard for Java", which one do you recommend people buy and why? And no saying "both."
One book contends in the heavyweight category while the other contends for the lightweight title!
I'd recommend the lightweight "Java Coding Guidelines" book because of the more intuitive classification of guidelines which gives you a feel of the message we are trying to get across. If you like what you see here, chances are that you would want to delve deeper into Java's rich set of features in which case you can look at the predecessor, "The CERT Oracle Secure Coding Standard for Java". The predecessor book groups together secure programming best practices by Java's various features and can be particularly useful for readers who want to understand how to use those features correctly and securely. Using them in conjunction can be quite effective too.