...
Synchronization is a more secure alternative in situations where the volatile keyword or a java.util.concurrent.atomic.Atomic* field is inappropriate, such as if a variable's new value depends on its current value. For more information, see CON01-J. Ensure that compound operations on shared variables are atomic.
Compliance with CON04-J. Synchronize Use private final lock objects to synchronize classes that may interact with untrusted code using a private final lock object can reduce the likelihood of misuse by ensuring that untrusted callers cannot access the lock object.
...