BOSTON SYDNEY–(BUSINESS WIRE)–Secure application development platform provider Secure
Code Warrior (SCW) today launched Coders
Conquer Security: Share and Learn, a weekly blog series, authored by
Product Evangelist and Security Engineer Jaap Karan Singh, that includes
videos and hands-on challenges covering the top thirty security
vulnerabilities found in software applications today.
Each week, beginning today December 6, a new post will take an in-depth
exploration of one security vulnerability, rounding out the top thirty
risks developers need to be able to defend against. The series will
cover the OWASP Top 10 and far beyond, creating a free library of guides
and training aimed at helping junior developers write better, more
secure code. The first posts will focus on cross-site scripting and SQL
injection, with subsequent releases delving into vulnerabilities such as
typecasting, unrestricted file uploads and LDAP injection.
Co-founder and CEO of Secure Code Warrior, Pieter
Danhieux, supports organizations in building a formidable security
culture within their development teams, utilizing the SCW platform to
deliver them the right knowledge, tools and positive engagement to make
a significant impact towards security best practice. A push towards this
holistic solution has proved measurably beneficial, with one of Secure
Code Warrior’s customers reporting a 60% increase in secure development
capability across a group of hundreds of developers. They required their
developers to play a single, five-minute challenge every day for two
months, testing their skills before and after the training period and
observed this significant improvement.
Danhieux said that providing junior developers with helpful, free guides
and training on finding and fixing security vulnerabilities is aimed at
lifting engagement and interest in secure coding, especially for
developers who lack experience with significant security theory:
“With so many developers leaving formal education institutions without
good security knowledge, and most companies not providing adequate
security training, we knew this was a gap we could help address. It is
our aim to provide these free blogs, videos, and challenges to all
developers to showcase the top vulnerabilities, and most importantly,
how to fix them. It is this sense of achievement and upskilling that
could spark a whole new interest in secure coding for developers while
improving their personal standard of code.”
A new Coders Conquer Security guide will appear weekly on the Secure
Code Warrior blog from December 6, and will feature the following:
- An in-depth explanation of a security vulnerability
- How it works and why it is dangerous
- How to prevent these vulnerabilities in code as it is being written
- An instructional summary video
- A link to a Secure Code Warrior gamified learning challenge
From there, it is hoped that junior developers will work on their
security mindset and champion secure code within their teams.
“I would love to see more developers championing security, fostering a
higher standard within their team. Often, this can be key to successful
risk mitigation and getting developer and security teams working
together more efficiently. Secure Code Warrior can certainly continue to
assist this upskilling with our highly engaging, gamified online
training.” Danhieux said.
The Coders Conquer Security: Share and Learn Series will begin from
December 6 and can be found at https://insights.securecodewarrior.com.
About Secure Code Warrior
Secure Code Warrior is a global
security company that makes software development better and more secure.
Our vision is to empower developers to be the first line of defense in
their organization by making security highly visible and providing them
with the skills and tools to write secure code from the beginning.
We have built a powerful platform that moves the focus from reaction to
prevention, training and equipping developers to think and act with a
security mindset as they build and verify their skills, gain real-time
advice and monitor skill development. Our customers include financial
institutions, telecommunications providers and global technology
companies in Europe, North America and the Asia Pacific.