What’s new in Secure Code Warrior: Course guidelines, participation management, and new content
Here at Secure Code Warrior, we’re constantly innovating to help equip developers and organizations with the right skills to tackle today’s ever-changing security challenges. We do this through highly engaging, flexible, and easy-to-manage secure code enablement.
Everyone wants a good return on their investment when it comes to investing in their tech stack or additional training programs. When it comes to security though, you need to be playing a long game. Investing in developer-driven security will not only mitigate the risk of expensive breaches, the loss of productivity, and accumulated tech debt but also create a proactive and cost-effective strategy to stay ahead of today’s threat landscape.
This past quarter, Secure Core Warriors has implemented new ways to learn with Coding Labs, which is now available to all Secure Code Warrior customers. We are thrilled to announce enhancements to participation management and course versioning, and we created new course activities like Guidelines!
Let’s dive in to learn more!
Expanding the SCW Platform’s breadth and depth
Secure Code Warrior’s continued expansion into new content helps to keep our modules relevant, timely, and tailored to what you need to know in today’s cyber-security landscape. With industry-leading breadth and depth of over 55 languages, it’s easy to build and scale a program to train developers in a large number of languages and frameworks.
Coding Guidelines available in Courses
The addition of guidelines offers developers contextual and self-paced learning that primarily covers security mitigation. Guidelines are more in-depth than videos and focus on a specific language or framework. Other offensive-based activities such as challenges, Missions, and Walkthroughs already require developers to have an understanding of the vulnerability. We created Guidelines to complement these activities from a defensive viewpoint.
Developers can read through Guidelines in Courses, and admins can use them in Course templates. Guidelines cover vulnerabilities listed in OWASP Top 10 2021 and contain code snippets in C#, Java, JavaScript, Python, Pseudocode, and PHP.
New Challenge content
Secure Code Warrior regularly updates and creates new challenges that are relevant, timely, and tailored to your organization’s needs. We are excited to announce expanded challenges available in:
- Dart: Flutter - a mobile language for building smooth cross-platform apps on Android and iOS
- Terraform: GCP - an infrastructure as code development language for Google Cloud Provide.
Developers can analyze the code, find the vulnerability, and apply critical thinking to pick the best security implementation to prevent listed vulnerabilities.
Coming soon: new front-end developer content
Front-end developers need secure code enablement too! That’s why we will be releasing additional front-end vulnerabilities in Missions and Walkthroughs. Front-end developers will also be able to access front-end specific Missions in Courses.
These updates strive for comprehensive coverage of frontend-specific vulnerabilities- from common ones like DOM-based XSS, to less frequently encountered vulnerabilities such as CSS Injection.
Step-by-step walkthroughs will provide front-end developers with trusted guidance on how vulnerabilities are being exploited. Advanced developers will also be able to test their skills in front-end Missions in Tournaments.
Simplifying the admin and developer experience
Configuring a scalable and engaging secure code education program is now easier than ever with key usability improvements to the platform.
Course versioning, archiving, and participation management
Now, keep up with the ever-changing needs of an organization’s program with new ways to edit existing programs. Course versioning allows admins to edit their existing Courses without having to create a brand-new Course. Admins can also delete test Courses or non-relevant Courses that do not have any developers enrolled, helping them to unclutter their archives.
In addition, the ability to apply additional filters on the Course Management page will make it much simpler for admins to filter down to the course they want to work on. Courses can be filtered by a number of attributes such as Course status, end date, and teams enrolled. For instance, admins can easily locate all Courses with a time limit, with an end-of-Course assessment attached, or if the Course is in draft or preview.
In addition to versioning and filtering for Courses, admins are now able to re-invite Course participants in bulk, as well as remove them from a Course as needed. This gives admins a one-click solution to reinvite developers in an “invited” state, saving valuable time and energy to remind them to get back onto the platform and start learning!
That’s a wrap on this quarter’s new capabilities! Follow Secure Code Warrior on Twitter to get updates about the latest releases and improvements.
Interested in trying out Secure Code Warrior but don’t have an account yet? Sign up for a free trial account today to get started.
New at Secure Code Warrior: Experience new ways to manage courses and explore additional content.
Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.
Book a demo
Taylor Broadfoot-Nymark is a Product Marketing Manager at Secure Code Warrior. She has written several articles about cybersecurity and agile learning, and also leads product launches, GTM strategy, and customer advocacy.
Here at Secure Code Warrior, we’re constantly innovating to help equip developers and organizations with the right skills to tackle today’s ever-changing security challenges. We do this through highly engaging, flexible, and easy-to-manage secure code enablement.
Everyone wants a good return on their investment when it comes to investing in their tech stack or additional training programs. When it comes to security though, you need to be playing a long game. Investing in developer-driven security will not only mitigate the risk of expensive breaches, the loss of productivity, and accumulated tech debt but also create a proactive and cost-effective strategy to stay ahead of today’s threat landscape.
This past quarter, Secure Core Warriors has implemented new ways to learn with Coding Labs, which is now available to all Secure Code Warrior customers. We are thrilled to announce enhancements to participation management and course versioning, and we created new course activities like Guidelines!
Let’s dive in to learn more!
Expanding the SCW Platform’s breadth and depth
Secure Code Warrior’s continued expansion into new content helps to keep our modules relevant, timely, and tailored to what you need to know in today’s cyber-security landscape. With industry-leading breadth and depth of over 55 languages, it’s easy to build and scale a program to train developers in a large number of languages and frameworks.
Coding Guidelines available in Courses
The addition of guidelines offers developers contextual and self-paced learning that primarily covers security mitigation. Guidelines are more in-depth than videos and focus on a specific language or framework. Other offensive-based activities such as challenges, Missions, and Walkthroughs already require developers to have an understanding of the vulnerability. We created Guidelines to complement these activities from a defensive viewpoint.
Developers can read through Guidelines in Courses, and admins can use them in Course templates. Guidelines cover vulnerabilities listed in OWASP Top 10 2021 and contain code snippets in C#, Java, JavaScript, Python, Pseudocode, and PHP.
New Challenge content
Secure Code Warrior regularly updates and creates new challenges that are relevant, timely, and tailored to your organization’s needs. We are excited to announce expanded challenges available in:
- Dart: Flutter - a mobile language for building smooth cross-platform apps on Android and iOS
- Terraform: GCP - an infrastructure as code development language for Google Cloud Provide.
Developers can analyze the code, find the vulnerability, and apply critical thinking to pick the best security implementation to prevent listed vulnerabilities.
Coming soon: new front-end developer content
Front-end developers need secure code enablement too! That’s why we will be releasing additional front-end vulnerabilities in Missions and Walkthroughs. Front-end developers will also be able to access front-end specific Missions in Courses.
These updates strive for comprehensive coverage of frontend-specific vulnerabilities- from common ones like DOM-based XSS, to less frequently encountered vulnerabilities such as CSS Injection.
Step-by-step walkthroughs will provide front-end developers with trusted guidance on how vulnerabilities are being exploited. Advanced developers will also be able to test their skills in front-end Missions in Tournaments.
Simplifying the admin and developer experience
Configuring a scalable and engaging secure code education program is now easier than ever with key usability improvements to the platform.
Course versioning, archiving, and participation management
Now, keep up with the ever-changing needs of an organization’s program with new ways to edit existing programs. Course versioning allows admins to edit their existing Courses without having to create a brand-new Course. Admins can also delete test Courses or non-relevant Courses that do not have any developers enrolled, helping them to unclutter their archives.
In addition, the ability to apply additional filters on the Course Management page will make it much simpler for admins to filter down to the course they want to work on. Courses can be filtered by a number of attributes such as Course status, end date, and teams enrolled. For instance, admins can easily locate all Courses with a time limit, with an end-of-Course assessment attached, or if the Course is in draft or preview.
In addition to versioning and filtering for Courses, admins are now able to re-invite Course participants in bulk, as well as remove them from a Course as needed. This gives admins a one-click solution to reinvite developers in an “invited” state, saving valuable time and energy to remind them to get back onto the platform and start learning!
That’s a wrap on this quarter’s new capabilities! Follow Secure Code Warrior on Twitter to get updates about the latest releases and improvements.
Interested in trying out Secure Code Warrior but don’t have an account yet? Sign up for a free trial account today to get started.
Here at Secure Code Warrior, we’re constantly innovating to help equip developers and organizations with the right skills to tackle today’s ever-changing security challenges. We do this through highly engaging, flexible, and easy-to-manage secure code enablement.
Everyone wants a good return on their investment when it comes to investing in their tech stack or additional training programs. When it comes to security though, you need to be playing a long game. Investing in developer-driven security will not only mitigate the risk of expensive breaches, the loss of productivity, and accumulated tech debt but also create a proactive and cost-effective strategy to stay ahead of today’s threat landscape.
This past quarter, Secure Core Warriors has implemented new ways to learn with Coding Labs, which is now available to all Secure Code Warrior customers. We are thrilled to announce enhancements to participation management and course versioning, and we created new course activities like Guidelines!
Let’s dive in to learn more!
Expanding the SCW Platform’s breadth and depth
Secure Code Warrior’s continued expansion into new content helps to keep our modules relevant, timely, and tailored to what you need to know in today’s cyber-security landscape. With industry-leading breadth and depth of over 55 languages, it’s easy to build and scale a program to train developers in a large number of languages and frameworks.
Coding Guidelines available in Courses
The addition of guidelines offers developers contextual and self-paced learning that primarily covers security mitigation. Guidelines are more in-depth than videos and focus on a specific language or framework. Other offensive-based activities such as challenges, Missions, and Walkthroughs already require developers to have an understanding of the vulnerability. We created Guidelines to complement these activities from a defensive viewpoint.
Developers can read through Guidelines in Courses, and admins can use them in Course templates. Guidelines cover vulnerabilities listed in OWASP Top 10 2021 and contain code snippets in C#, Java, JavaScript, Python, Pseudocode, and PHP.
New Challenge content
Secure Code Warrior regularly updates and creates new challenges that are relevant, timely, and tailored to your organization’s needs. We are excited to announce expanded challenges available in:
- Dart: Flutter - a mobile language for building smooth cross-platform apps on Android and iOS
- Terraform: GCP - an infrastructure as code development language for Google Cloud Provide.
Developers can analyze the code, find the vulnerability, and apply critical thinking to pick the best security implementation to prevent listed vulnerabilities.
Coming soon: new front-end developer content
Front-end developers need secure code enablement too! That’s why we will be releasing additional front-end vulnerabilities in Missions and Walkthroughs. Front-end developers will also be able to access front-end specific Missions in Courses.
These updates strive for comprehensive coverage of frontend-specific vulnerabilities- from common ones like DOM-based XSS, to less frequently encountered vulnerabilities such as CSS Injection.
Step-by-step walkthroughs will provide front-end developers with trusted guidance on how vulnerabilities are being exploited. Advanced developers will also be able to test their skills in front-end Missions in Tournaments.
Simplifying the admin and developer experience
Configuring a scalable and engaging secure code education program is now easier than ever with key usability improvements to the platform.
Course versioning, archiving, and participation management
Now, keep up with the ever-changing needs of an organization’s program with new ways to edit existing programs. Course versioning allows admins to edit their existing Courses without having to create a brand-new Course. Admins can also delete test Courses or non-relevant Courses that do not have any developers enrolled, helping them to unclutter their archives.
In addition, the ability to apply additional filters on the Course Management page will make it much simpler for admins to filter down to the course they want to work on. Courses can be filtered by a number of attributes such as Course status, end date, and teams enrolled. For instance, admins can easily locate all Courses with a time limit, with an end-of-Course assessment attached, or if the Course is in draft or preview.
In addition to versioning and filtering for Courses, admins are now able to re-invite Course participants in bulk, as well as remove them from a Course as needed. This gives admins a one-click solution to reinvite developers in an “invited” state, saving valuable time and energy to remind them to get back onto the platform and start learning!
That’s a wrap on this quarter’s new capabilities! Follow Secure Code Warrior on Twitter to get updates about the latest releases and improvements.
Interested in trying out Secure Code Warrior but don’t have an account yet? Sign up for a free trial account today to get started.
Click on the link below and download the PDF of this resource.
Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.
View reportBook a demo
Interested in trying out Secure Code Warrior but don’t have an account yet? Sign up for a free trial account today to get started.
Try NowTaylor Broadfoot-Nymark is a Product Marketing Manager at Secure Code Warrior. She has written several articles about cybersecurity and agile learning, and also leads product launches, GTM strategy, and customer advocacy.
Here at Secure Code Warrior, we’re constantly innovating to help equip developers and organizations with the right skills to tackle today’s ever-changing security challenges. We do this through highly engaging, flexible, and easy-to-manage secure code enablement.
Everyone wants a good return on their investment when it comes to investing in their tech stack or additional training programs. When it comes to security though, you need to be playing a long game. Investing in developer-driven security will not only mitigate the risk of expensive breaches, the loss of productivity, and accumulated tech debt but also create a proactive and cost-effective strategy to stay ahead of today’s threat landscape.
This past quarter, Secure Core Warriors has implemented new ways to learn with Coding Labs, which is now available to all Secure Code Warrior customers. We are thrilled to announce enhancements to participation management and course versioning, and we created new course activities like Guidelines!
Let’s dive in to learn more!
Expanding the SCW Platform’s breadth and depth
Secure Code Warrior’s continued expansion into new content helps to keep our modules relevant, timely, and tailored to what you need to know in today’s cyber-security landscape. With industry-leading breadth and depth of over 55 languages, it’s easy to build and scale a program to train developers in a large number of languages and frameworks.
Coding Guidelines available in Courses
The addition of guidelines offers developers contextual and self-paced learning that primarily covers security mitigation. Guidelines are more in-depth than videos and focus on a specific language or framework. Other offensive-based activities such as challenges, Missions, and Walkthroughs already require developers to have an understanding of the vulnerability. We created Guidelines to complement these activities from a defensive viewpoint.
Developers can read through Guidelines in Courses, and admins can use them in Course templates. Guidelines cover vulnerabilities listed in OWASP Top 10 2021 and contain code snippets in C#, Java, JavaScript, Python, Pseudocode, and PHP.
New Challenge content
Secure Code Warrior regularly updates and creates new challenges that are relevant, timely, and tailored to your organization’s needs. We are excited to announce expanded challenges available in:
- Dart: Flutter - a mobile language for building smooth cross-platform apps on Android and iOS
- Terraform: GCP - an infrastructure as code development language for Google Cloud Provide.
Developers can analyze the code, find the vulnerability, and apply critical thinking to pick the best security implementation to prevent listed vulnerabilities.
Coming soon: new front-end developer content
Front-end developers need secure code enablement too! That’s why we will be releasing additional front-end vulnerabilities in Missions and Walkthroughs. Front-end developers will also be able to access front-end specific Missions in Courses.
These updates strive for comprehensive coverage of frontend-specific vulnerabilities- from common ones like DOM-based XSS, to less frequently encountered vulnerabilities such as CSS Injection.
Step-by-step walkthroughs will provide front-end developers with trusted guidance on how vulnerabilities are being exploited. Advanced developers will also be able to test their skills in front-end Missions in Tournaments.
Simplifying the admin and developer experience
Configuring a scalable and engaging secure code education program is now easier than ever with key usability improvements to the platform.
Course versioning, archiving, and participation management
Now, keep up with the ever-changing needs of an organization’s program with new ways to edit existing programs. Course versioning allows admins to edit their existing Courses without having to create a brand-new Course. Admins can also delete test Courses or non-relevant Courses that do not have any developers enrolled, helping them to unclutter their archives.
In addition, the ability to apply additional filters on the Course Management page will make it much simpler for admins to filter down to the course they want to work on. Courses can be filtered by a number of attributes such as Course status, end date, and teams enrolled. For instance, admins can easily locate all Courses with a time limit, with an end-of-Course assessment attached, or if the Course is in draft or preview.
In addition to versioning and filtering for Courses, admins are now able to re-invite Course participants in bulk, as well as remove them from a Course as needed. This gives admins a one-click solution to reinvite developers in an “invited” state, saving valuable time and energy to remind them to get back onto the platform and start learning!
That’s a wrap on this quarter’s new capabilities! Follow Secure Code Warrior on Twitter to get updates about the latest releases and improvements.
Interested in trying out Secure Code Warrior but don’t have an account yet? Sign up for a free trial account today to get started.
Table of contents
Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.
Book a demoDownloadResources to get you started
Benchmarking Security Skills: Streamlining Secure-by-Design in the Enterprise
The Secure-by-Design movement is the future of secure software development. Learn about the key elements companies need to keep in mind when they think about a Secure-by-Design initiative.
DigitalOcean Decreases Security Debt with Secure Code Warrior
DigitalOcean's use of Secure Code Warrior training has significantly reduced security debt, allowing teams to focus more on innovation and productivity. The improved security has strengthened their product quality and competitive edge. Looking ahead, the SCW Trust Score will help them further enhance security practices and continue driving innovation.
Resources to get you started
Trust Score Reveals the Value of Secure-by-Design Upskilling Initiatives
Our research has shown that secure code training works. Trust Score, using an algorithm drawing on more than 20 million learning data points from work by more than 250,000 learners at over 600 organizations, reveals its effectiveness in driving down vulnerabilities and how to make the initiative even more effective.
.png)
Reactive Versus Preventive Security: Prevention Is a Better Cure
The idea of bringing preventive security to legacy code and systems at the same time as newer applications can seem daunting, but a Secure-by-Design approach, enforced by upskilling developers, can apply security best practices to those systems. It’s the best chance many organizations have of improving their security postures.
The Benefits of Benchmarking Security Skills for Developers
The growing focus on secure code and Secure-by-Design principles requires developers to be trained in cybersecurity from the start of the SDLC, with tools like Secure Code Warrior’s Trust Score helping measure and improve their progress.
Driving Meaningful Success for Enterprise Secure-by-Design Initiatives
Our latest research paper, Benchmarking Security Skills: Streamlining Secure-by-Design in the Enterprise is the result of deep analysis of real Secure-by-Design initiatives at the enterprise level, and deriving best practice approaches based on data-driven findings.
Developer-driven coding.
Securely.
Contact us today and make software security an intrinsic part of your development process.
