...
Synchronization is a more secure alternative in situations where the volatile keyword or a java.util.concurrent.atomic.Atomic* field is inappropriate, such as if a variable's new value depends on its current value. For more information, see VNA02-J. Ensure that compound operations on shared variables are atomic.
Compliance with CON07 LCK00-J. Use private final lock objects to synchronize classes that may interact with untrusted code can reduce the likelihood of misuse by ensuring that untrusted callers cannot access the lock object.
...