Secure Code Warrior 2023: Innovations, achievements, and insights

Empowering developers, enhancing productivity, and mitigating risk

What an amazing year in the ever-evolving landscape of cybersecurity! Secure Code Warrior is proud to continue our mission of equipping developers and organizations with the skills needed to combat ever-evolving security threats. In 2023, we worked with more than 600 enterprises, and in analyzing data from nearly 75,000 developers, our research shows that those who engage with Secure Code Warrior reduced vulnerabilities as much as 53%. This in turn leads to massive gains in productivity for developers, as well as supporting AppSec and security teams in hedging against risk and strengthening their organization’s security posture.

As we head towards 2024, we thought it would be helpful to walk you through some of the key product advancements, strategic partnerships, and company updates we have made this year. 

‍

Product innovations

We saw a banner year for secure code learning in our community of developers. Here are some of the highlights:

• We added 2 new languages to the platform - Terraform:GCP and Dart:Flutter- and shipped Coding Labs in 9 different languages and frameworks. 
• Secure Code Warrior hosted 820 Tournaments in 2023.
• On average, developers spent 2.3 minutes on Coding Labs, completing over 100,000 labs in 2023. That adds up to over 4,200 hours spent on Secure Code Warrior’s newest learning activity! 
• Finally, here’s a look at the top 10 industries our developers come from based on the number of active learners on the platform. 

In 2023, Secure Code Warrior introduced Coding Labs - our most advanced and interactive learning activity - designed to elevate developer security education. This addition provides real-time, contextual feedback and is currently available in 9+ languages and frameworks. Coding Labs acts as a personal trainer, facilitating faster learning and skill improvement, and making it quicker for developers to go from “learning” to “doing”. 

Secure Code Warrior continued to broaden its industry-leading library of content with the addition of two new programming languages - Dart:Flutter and TeraformGCP. Further enhancements include incorporating Guidelines into courses and the SCW Jira integration, offering developers deeper insights and in-depth remediation advice within their workflows. The introduction of Multi-company Tournaments helps foster friendly competition between developers from various companies and subsidiaries, ensuring a scalable secure coding culture. Additionally, the rollout of SCIM allows program owners and company admins to manage Secure Code Warrior licenses programmatically, ensuring accuracy and compliance at scale.

Curious to learn more about our latest product innovations? Contact your Customer Success Manager or visit our resource library for one of the many product deep dive webinars available. 

‍

‍

Strategic partnerships and integrations

A noteworthy collaboration emerged with Synopsys Developer Security Training, powered by Secure Code Warrior. This integration offers a closed-loop strategy to preempt security risks at the developer desktop, accelerating issue remediation across the software development life cycle (SDLC) and CI/CD pipelines. The partnership aims to establish a comprehensive approach to secure development, with quantifiable risk reductions.

Learn more about the partnership here. 

‍

Devlympics 2023

Devlympics, an annual global tournament hosted by Secure Code Warrior, witnessed over 1000 developers participating in 2023. The event garnered attention from security professionals worldwide, with overwhelmingly positive feedback:

• 94% enjoyed participating in the tournament.
• 90% expressed interest in joining next year's event.
• 62% rated the SCW platform 10/10, and 91% would recommend it to their peers.
• Over 85% would use the SCW platform if their organization had full-time access.

Read the full report here. Don’t want to miss out on next year’s Devlympics? Mark your calendar for October 15-16, 2024 and register your interest to be kept in the loop. 

‍

Hear from your peers

As we’ve partnered with our customers, Secure Code Warrior has become deeply embedded in their security ecosystem, and made a profound impact on their developer productivity and reduction of risk. We heard from several customers this year, and collected key learnings and insights from their subject matter experts to share with our colleagues in the broader Application Security community.  

• Workday: A remarkable reduction from 4662 security issues to zero in approximately 18 months.
• Thales: Achieved an overall reduction in vulnerabilities over two years, with no reintroduction at the source code level.
• Envestnet: Developers fixed 2.7 times more vulnerabilities than their peers, closing issues at a rate of 4.5 per developer.
• Netskope: Meet their compliance goals without traditional "check-the-box" training, with higher engagement rates in their secure coding program.
• Colgate-Palmolive:  Placed developers at the core of their secure code strategy, and embedded Secure Code Warrior seamlessly into their workflows using Okta.
• Sage: Built a best-in-class security champion community and reduced the mean time to fix vulnerabilities by 82%.

Hear directly from our customers about how they’ve built their secure code programs, fostered a security-first culture, and improved their security posture. 

‍

SCW’s Rapid Response to cybersecurity vulnerabilities

Secure Code Warrior’s Rapid Response program addresses current critical vulnerabilities plaguing our world, such as the MOVEit zero-day exploit, high-severity libcurl/curl vulnerabilities, and mvcRequestMatcher Spring. These incidents underscore the importance of proactive security measures and continuously educating engineering teams about recent vulnerabilities. Learn more about these critical vulnerabilities below, each comes with a free mission that you can play through hands-on.

• MOVEit Zero-day free mission
• libcurl/ curl vulnerability mission 
• mvcRequestMatcher Spring mission 

‍

Major funding and recognition

With office locations in Sydney and Melbourne Australia, Boston USA, Belgium, and Iceland - SCW is proud to host a community of developers that represent a wide variety of industries and regions. 

On July 13, 2023, Secure Code Warrior announced a groundbreaking achievement—the closure of its Series C funding round led by Paladin Capital Group, securing an impressive $50 million USD. This brings the total funding to over $100 million USD, underlining the confidence and support garnered since the company's inception.

‍

Join the growing community 

Secure Code Warrior's commitment to innovation, strategic partnerships, and customer success makes us proud to celebrate our successes as the leader in secure coding education and implementation. 

Interested to learn more? Follow us on X and LinkedIn to stay up-to-date on all announcements. 

That’s all for now, see you in 2024!