Security practices in Java can be separated into two broad, vaguely defined categories: Java platform security and secure Java programming.
Java platform security practices deal with managing the security and integrity of the JVM. They include such topics as managing JCE providers and security policies.
Secure Java programming practices concern the best ways to write secure Java programs. They include such topics as using random numbers and cryptography, and preventing vulnerabilities.
While examples should be presented clearly, some topics that must be covered are: