Most of the time when we analyze a software, we search the man page for usage of certain API and sometimes about the pattern of the code. Over a period of time you create a set of patterns in your mind. Sometimes we can learn that patterns from few Secure Coding standards websites. They give example on how not to write. This is the other way of learning to find the bugs. Here is the list of Secure Coding Standards links that I could able to find. If you have any more, please add it in the comment.

http://community.corest.com/~gera/InsecureProgramming/

https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines

https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=637

https://www.securecoding.cert.org/confluence/display/seccode/CERT+C+Secure+Coding+Standard

CERT Oracle Secure Coding standard for Java

http://www.viva64.com/en/a/0065/ (A Collection of Examples of 64-bit Errors in Real Programs)

http://www.viva64.com/en/a/0042/ (Seven Steps of Migrating a Program to a 64-bit System)

http://www.viva64.com/en/l/ (Lessons on development of 64-bit C/C++ applications)

http://www.oracle.com/technetwork/java/seccodeguide-139067.html (Secure Coding Guidelines for the Java Programming Language, Version 4.0)

http://samate.nist.gov/index.php/Source_Code_Security_Analyzers.html

Apple’s Secure Coding standard

https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/coding/305-BSI.html

Klocwork’s CERT C and C++ Secure Coding Standard

https://www.securecoding.cert.org/confluence/display/seccode/Klocwork+Cross+Reference

http://grouper.ieee.org/groups/plv/

https://www.owasp.org/index.php/Secure_Coding_Principles

http://developer.klocwork.com/klocwork-university/security-innovation/secure-coding

http://www.saferc.com/

http://stackoverflow.com/questions/4780410/secure-c-coding-practices