Six Years of Secure Code Warrior: Are we grown up yet?
It’s that special time of the year (for us, anyway) where I reflect on our most recent lap around the sun, and what has been done in the previous three hundred and sixty-five days to position us for a new year of growth, lessons, and inevitable unpredictability.
While I don’t think anyone could have foreshadowed last year’s twists and turns - after all, I think most of us faced more curveballs than the LA Dodgers - we’re still here. The ticking over of the calendar didn’t put a sudden stop on the pain points in the Year That Cannot Be Named, but all around me, I see the unwavering resilience in individuals, businesses, and our industry.
So, then, what progress have we made in our goal to secure code across the galaxy?
We supercharged our product suite.
The Secure Code Warrior training platform will always be the heart and soul of our offerings, but striving to create more variety, and more developer-chosen tools are our top priorities.
We want to inspire developers to embrace a preventative secure coding approach that enables every team to ship quality software with confidence.
I am so proud to detail what our product team has worked so hard to roll out; they’ve kicked incredible goals all year:
- We acquired Adversary.io and integrated their technology, their amazingly skilled team and enterprise customers in less than 9 months.
- We reached the incredible milestone of supporting over 50 programming languages, including infrastructure as code mainstays like Docker, Ansible, Terraform, Kubernetes, Powershell and CloudFormation, as well as new kids on the block like Rust and Go.
- Bringing security knowledge to the developer by releasing all-new extensions for GitHub Actions and Issues, in addition to Atlassian JIRA Cloud & Server, which provides contextual learning right where developers play without the need to switch between tasks
- Real-time quality code guidance in the IDE with Sensei, now available in the JetBrains marketplace for every developer to detect security bugs, enforce best practice, share knowledge, and prevent performance issues and technical debts
- Making it easier for enterprises to engage with developers and scale secure coding by releasing Courses, a brand-new feature allowing curated learning pathways for objectives that are most relevant to an organization and its security goals. We also added Missions, an exciting enhancement to the flagship platform, putting developers in the pilot’s seat of an exploit. It’s the next step in a scaffolded learning approach to give developers a viable, lifelong foundation for success.
… and if you know any coding beginners, they should check out the free app, Secure Code Bootcamp, and start their security journey.
We landed, we expanded, we influenced.
We like to approach secure coding a little differently, and naturally, it’s our hope that this ethos catches on throughout the industry. It’s important that developers recognize their power in fighting the good fight against cyberattackers, and getting them to actually enjoy learning about security is a prime goal.
Thousands of developers joined our virtual tournaments from all over the world, with over 80 being held in 2020 alone. We were thrilled to get people playing as part of GitHub Universe, global Cisco events, and DevSecCon.
We dug through our data and saw hundreds-of-thousands unique users had played on our platform in 2020, which is mind-blowing when I think about where we began six years ago.
I was so pleased to see that we had increased our reach significantly among Fortune 1000 companies, each of them willing to try something new as part of their security programs. We found synergy with tech companies in particular, many of which pivoted to remote work and saw value in remote training options.
Team Awesome got bigger, and stronger, together.
One of the biggest evolutions we had as a company in the past year was the acquisition of the Iceland-based cybersecurity company, Adversary. We had a lot in common: a similar stance on the people-focused approach to cybersecurity, aligned values, and complementary products. We welcomed their team into our own, gaining invaluable expertise and talent among great people.
We also welcomed John Wilson as the SVP of Global Sales, benefiting from his extensive, 25-year track record of driving growth and building cloud technology and cybersecurity companies into market leaders. His wide technical skillset has been an innovative force in companies like Symantec, Qualys, BlackBerry, and Verizon, and we couldn’t be happier to have him working his magic with us.
A lack of physical offices didn’t stop us from onboarding sixty new employees across five countries, and ensuring they could hit the ground running with virtual support, introductions, and of course - the coveted employee swag pack delivered to their door.
We continued to grow in every department, all of equal importance in achieving our global mission of enabling quality code at speed. And yet, it still feels like we’ve only just started.
2021, the year of changing the conversation.
It has long been my feeling that society simply doesn’t care enough about cybersecurity, and it’s only when something incredibly drastic happens that we might see the needle move on action and awareness.
With the enormous SolarWinds breach breaking at the end of last year, more details are coming to the surface. The full extent of the damage still isn’t known, but this incident could be the catalyst for widespread change. US government departments are already overhauling their security programs, and cyberespionage is a very hot topic among those with a lot to lose.
We can still put a little fun into everything we do, but now is the time to roll up our sleeves and get to work on truly changing the conversation.
Every security-aware developer makes our world a little bit safer from cyberattacks, and giving them the knowledge to succeed - and maybe even love it - will always be our goal. We’re working hard every day to create tools that developers choose to use when learning about security, and creating the highest quality code. Secure code should be the standard, and we can all lend a hand to make that reality.
It’s that special time of the year (for us, anyway) where I reflect on our most recent lap around the sun, and what has been done in the previous 365 days to position us for a new year of growth, lessons, and inevitable unpredictability.
Chief Executive Officer, Chairman, and Co-Founder
Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.
Book a demo
Chief Executive Officer, Chairman, and Co-Founder
Pieter Danhieux is a globally recognized security expert, with over 12 years experience as a security consultant and 8 years as a Principal Instructor for SANS teaching offensive techniques on how to target and assess organizations, systems and individuals for security weaknesses. In 2016, he was recognized as one of the Coolest Tech people in Australia (Business Insider), awarded Cyber Security Professional of the Year (AISA - Australian Information Security Association) and holds GSE, CISSP, GCIH, GCFA, GSEC, GPEN, GWAPT, GCIA certifications.
It’s that special time of the year (for us, anyway) where I reflect on our most recent lap around the sun, and what has been done in the previous three hundred and sixty-five days to position us for a new year of growth, lessons, and inevitable unpredictability.
While I don’t think anyone could have foreshadowed last year’s twists and turns - after all, I think most of us faced more curveballs than the LA Dodgers - we’re still here. The ticking over of the calendar didn’t put a sudden stop on the pain points in the Year That Cannot Be Named, but all around me, I see the unwavering resilience in individuals, businesses, and our industry.
So, then, what progress have we made in our goal to secure code across the galaxy?
We supercharged our product suite.
The Secure Code Warrior training platform will always be the heart and soul of our offerings, but striving to create more variety, and more developer-chosen tools are our top priorities.
We want to inspire developers to embrace a preventative secure coding approach that enables every team to ship quality software with confidence.
I am so proud to detail what our product team has worked so hard to roll out; they’ve kicked incredible goals all year:
- We acquired Adversary.io and integrated their technology, their amazingly skilled team and enterprise customers in less than 9 months.
- We reached the incredible milestone of supporting over 50 programming languages, including infrastructure as code mainstays like Docker, Ansible, Terraform, Kubernetes, Powershell and CloudFormation, as well as new kids on the block like Rust and Go.
- Bringing security knowledge to the developer by releasing all-new extensions for GitHub Actions and Issues, in addition to Atlassian JIRA Cloud & Server, which provides contextual learning right where developers play without the need to switch between tasks
- Real-time quality code guidance in the IDE with Sensei, now available in the JetBrains marketplace for every developer to detect security bugs, enforce best practice, share knowledge, and prevent performance issues and technical debts
- Making it easier for enterprises to engage with developers and scale secure coding by releasing Courses, a brand-new feature allowing curated learning pathways for objectives that are most relevant to an organization and its security goals. We also added Missions, an exciting enhancement to the flagship platform, putting developers in the pilot’s seat of an exploit. It’s the next step in a scaffolded learning approach to give developers a viable, lifelong foundation for success.
… and if you know any coding beginners, they should check out the free app, Secure Code Bootcamp, and start their security journey.
We landed, we expanded, we influenced.
We like to approach secure coding a little differently, and naturally, it’s our hope that this ethos catches on throughout the industry. It’s important that developers recognize their power in fighting the good fight against cyberattackers, and getting them to actually enjoy learning about security is a prime goal.
Thousands of developers joined our virtual tournaments from all over the world, with over 80 being held in 2020 alone. We were thrilled to get people playing as part of GitHub Universe, global Cisco events, and DevSecCon.
We dug through our data and saw hundreds-of-thousands unique users had played on our platform in 2020, which is mind-blowing when I think about where we began six years ago.
I was so pleased to see that we had increased our reach significantly among Fortune 1000 companies, each of them willing to try something new as part of their security programs. We found synergy with tech companies in particular, many of which pivoted to remote work and saw value in remote training options.
Team Awesome got bigger, and stronger, together.
One of the biggest evolutions we had as a company in the past year was the acquisition of the Iceland-based cybersecurity company, Adversary. We had a lot in common: a similar stance on the people-focused approach to cybersecurity, aligned values, and complementary products. We welcomed their team into our own, gaining invaluable expertise and talent among great people.
We also welcomed John Wilson as the SVP of Global Sales, benefiting from his extensive, 25-year track record of driving growth and building cloud technology and cybersecurity companies into market leaders. His wide technical skillset has been an innovative force in companies like Symantec, Qualys, BlackBerry, and Verizon, and we couldn’t be happier to have him working his magic with us.
A lack of physical offices didn’t stop us from onboarding sixty new employees across five countries, and ensuring they could hit the ground running with virtual support, introductions, and of course - the coveted employee swag pack delivered to their door.
We continued to grow in every department, all of equal importance in achieving our global mission of enabling quality code at speed. And yet, it still feels like we’ve only just started.
2021, the year of changing the conversation.
It has long been my feeling that society simply doesn’t care enough about cybersecurity, and it’s only when something incredibly drastic happens that we might see the needle move on action and awareness.
With the enormous SolarWinds breach breaking at the end of last year, more details are coming to the surface. The full extent of the damage still isn’t known, but this incident could be the catalyst for widespread change. US government departments are already overhauling their security programs, and cyberespionage is a very hot topic among those with a lot to lose.
We can still put a little fun into everything we do, but now is the time to roll up our sleeves and get to work on truly changing the conversation.
Every security-aware developer makes our world a little bit safer from cyberattacks, and giving them the knowledge to succeed - and maybe even love it - will always be our goal. We’re working hard every day to create tools that developers choose to use when learning about security, and creating the highest quality code. Secure code should be the standard, and we can all lend a hand to make that reality.
It’s that special time of the year (for us, anyway) where I reflect on our most recent lap around the sun, and what has been done in the previous three hundred and sixty-five days to position us for a new year of growth, lessons, and inevitable unpredictability.
While I don’t think anyone could have foreshadowed last year’s twists and turns - after all, I think most of us faced more curveballs than the LA Dodgers - we’re still here. The ticking over of the calendar didn’t put a sudden stop on the pain points in the Year That Cannot Be Named, but all around me, I see the unwavering resilience in individuals, businesses, and our industry.
So, then, what progress have we made in our goal to secure code across the galaxy?
We supercharged our product suite.
The Secure Code Warrior training platform will always be the heart and soul of our offerings, but striving to create more variety, and more developer-chosen tools are our top priorities.
We want to inspire developers to embrace a preventative secure coding approach that enables every team to ship quality software with confidence.
I am so proud to detail what our product team has worked so hard to roll out; they’ve kicked incredible goals all year:
- We acquired Adversary.io and integrated their technology, their amazingly skilled team and enterprise customers in less than 9 months.
- We reached the incredible milestone of supporting over 50 programming languages, including infrastructure as code mainstays like Docker, Ansible, Terraform, Kubernetes, Powershell and CloudFormation, as well as new kids on the block like Rust and Go.
- Bringing security knowledge to the developer by releasing all-new extensions for GitHub Actions and Issues, in addition to Atlassian JIRA Cloud & Server, which provides contextual learning right where developers play without the need to switch between tasks
- Real-time quality code guidance in the IDE with Sensei, now available in the JetBrains marketplace for every developer to detect security bugs, enforce best practice, share knowledge, and prevent performance issues and technical debts
- Making it easier for enterprises to engage with developers and scale secure coding by releasing Courses, a brand-new feature allowing curated learning pathways for objectives that are most relevant to an organization and its security goals. We also added Missions, an exciting enhancement to the flagship platform, putting developers in the pilot’s seat of an exploit. It’s the next step in a scaffolded learning approach to give developers a viable, lifelong foundation for success.
… and if you know any coding beginners, they should check out the free app, Secure Code Bootcamp, and start their security journey.
We landed, we expanded, we influenced.
We like to approach secure coding a little differently, and naturally, it’s our hope that this ethos catches on throughout the industry. It’s important that developers recognize their power in fighting the good fight against cyberattackers, and getting them to actually enjoy learning about security is a prime goal.
Thousands of developers joined our virtual tournaments from all over the world, with over 80 being held in 2020 alone. We were thrilled to get people playing as part of GitHub Universe, global Cisco events, and DevSecCon.
We dug through our data and saw hundreds-of-thousands unique users had played on our platform in 2020, which is mind-blowing when I think about where we began six years ago.
I was so pleased to see that we had increased our reach significantly among Fortune 1000 companies, each of them willing to try something new as part of their security programs. We found synergy with tech companies in particular, many of which pivoted to remote work and saw value in remote training options.
Team Awesome got bigger, and stronger, together.
One of the biggest evolutions we had as a company in the past year was the acquisition of the Iceland-based cybersecurity company, Adversary. We had a lot in common: a similar stance on the people-focused approach to cybersecurity, aligned values, and complementary products. We welcomed their team into our own, gaining invaluable expertise and talent among great people.
We also welcomed John Wilson as the SVP of Global Sales, benefiting from his extensive, 25-year track record of driving growth and building cloud technology and cybersecurity companies into market leaders. His wide technical skillset has been an innovative force in companies like Symantec, Qualys, BlackBerry, and Verizon, and we couldn’t be happier to have him working his magic with us.
A lack of physical offices didn’t stop us from onboarding sixty new employees across five countries, and ensuring they could hit the ground running with virtual support, introductions, and of course - the coveted employee swag pack delivered to their door.
We continued to grow in every department, all of equal importance in achieving our global mission of enabling quality code at speed. And yet, it still feels like we’ve only just started.
2021, the year of changing the conversation.
It has long been my feeling that society simply doesn’t care enough about cybersecurity, and it’s only when something incredibly drastic happens that we might see the needle move on action and awareness.
With the enormous SolarWinds breach breaking at the end of last year, more details are coming to the surface. The full extent of the damage still isn’t known, but this incident could be the catalyst for widespread change. US government departments are already overhauling their security programs, and cyberespionage is a very hot topic among those with a lot to lose.
We can still put a little fun into everything we do, but now is the time to roll up our sleeves and get to work on truly changing the conversation.
Every security-aware developer makes our world a little bit safer from cyberattacks, and giving them the knowledge to succeed - and maybe even love it - will always be our goal. We’re working hard every day to create tools that developers choose to use when learning about security, and creating the highest quality code. Secure code should be the standard, and we can all lend a hand to make that reality.
Click on the link below and download the PDF of this resource.
Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.
View reportBook a demo
Chief Executive Officer, Chairman, and Co-Founder
Pieter Danhieux is a globally recognized security expert, with over 12 years experience as a security consultant and 8 years as a Principal Instructor for SANS teaching offensive techniques on how to target and assess organizations, systems and individuals for security weaknesses. In 2016, he was recognized as one of the Coolest Tech people in Australia (Business Insider), awarded Cyber Security Professional of the Year (AISA - Australian Information Security Association) and holds GSE, CISSP, GCIH, GCFA, GSEC, GPEN, GWAPT, GCIA certifications.
It’s that special time of the year (for us, anyway) where I reflect on our most recent lap around the sun, and what has been done in the previous three hundred and sixty-five days to position us for a new year of growth, lessons, and inevitable unpredictability.
While I don’t think anyone could have foreshadowed last year’s twists and turns - after all, I think most of us faced more curveballs than the LA Dodgers - we’re still here. The ticking over of the calendar didn’t put a sudden stop on the pain points in the Year That Cannot Be Named, but all around me, I see the unwavering resilience in individuals, businesses, and our industry.
So, then, what progress have we made in our goal to secure code across the galaxy?
We supercharged our product suite.
The Secure Code Warrior training platform will always be the heart and soul of our offerings, but striving to create more variety, and more developer-chosen tools are our top priorities.
We want to inspire developers to embrace a preventative secure coding approach that enables every team to ship quality software with confidence.
I am so proud to detail what our product team has worked so hard to roll out; they’ve kicked incredible goals all year:
- We acquired Adversary.io and integrated their technology, their amazingly skilled team and enterprise customers in less than 9 months.
- We reached the incredible milestone of supporting over 50 programming languages, including infrastructure as code mainstays like Docker, Ansible, Terraform, Kubernetes, Powershell and CloudFormation, as well as new kids on the block like Rust and Go.
- Bringing security knowledge to the developer by releasing all-new extensions for GitHub Actions and Issues, in addition to Atlassian JIRA Cloud & Server, which provides contextual learning right where developers play without the need to switch between tasks
- Real-time quality code guidance in the IDE with Sensei, now available in the JetBrains marketplace for every developer to detect security bugs, enforce best practice, share knowledge, and prevent performance issues and technical debts
- Making it easier for enterprises to engage with developers and scale secure coding by releasing Courses, a brand-new feature allowing curated learning pathways for objectives that are most relevant to an organization and its security goals. We also added Missions, an exciting enhancement to the flagship platform, putting developers in the pilot’s seat of an exploit. It’s the next step in a scaffolded learning approach to give developers a viable, lifelong foundation for success.
… and if you know any coding beginners, they should check out the free app, Secure Code Bootcamp, and start their security journey.
We landed, we expanded, we influenced.
We like to approach secure coding a little differently, and naturally, it’s our hope that this ethos catches on throughout the industry. It’s important that developers recognize their power in fighting the good fight against cyberattackers, and getting them to actually enjoy learning about security is a prime goal.
Thousands of developers joined our virtual tournaments from all over the world, with over 80 being held in 2020 alone. We were thrilled to get people playing as part of GitHub Universe, global Cisco events, and DevSecCon.
We dug through our data and saw hundreds-of-thousands unique users had played on our platform in 2020, which is mind-blowing when I think about where we began six years ago.
I was so pleased to see that we had increased our reach significantly among Fortune 1000 companies, each of them willing to try something new as part of their security programs. We found synergy with tech companies in particular, many of which pivoted to remote work and saw value in remote training options.
Team Awesome got bigger, and stronger, together.
One of the biggest evolutions we had as a company in the past year was the acquisition of the Iceland-based cybersecurity company, Adversary. We had a lot in common: a similar stance on the people-focused approach to cybersecurity, aligned values, and complementary products. We welcomed their team into our own, gaining invaluable expertise and talent among great people.
We also welcomed John Wilson as the SVP of Global Sales, benefiting from his extensive, 25-year track record of driving growth and building cloud technology and cybersecurity companies into market leaders. His wide technical skillset has been an innovative force in companies like Symantec, Qualys, BlackBerry, and Verizon, and we couldn’t be happier to have him working his magic with us.
A lack of physical offices didn’t stop us from onboarding sixty new employees across five countries, and ensuring they could hit the ground running with virtual support, introductions, and of course - the coveted employee swag pack delivered to their door.
We continued to grow in every department, all of equal importance in achieving our global mission of enabling quality code at speed. And yet, it still feels like we’ve only just started.
2021, the year of changing the conversation.
It has long been my feeling that society simply doesn’t care enough about cybersecurity, and it’s only when something incredibly drastic happens that we might see the needle move on action and awareness.
With the enormous SolarWinds breach breaking at the end of last year, more details are coming to the surface. The full extent of the damage still isn’t known, but this incident could be the catalyst for widespread change. US government departments are already overhauling their security programs, and cyberespionage is a very hot topic among those with a lot to lose.
We can still put a little fun into everything we do, but now is the time to roll up our sleeves and get to work on truly changing the conversation.
Every security-aware developer makes our world a little bit safer from cyberattacks, and giving them the knowledge to succeed - and maybe even love it - will always be our goal. We’re working hard every day to create tools that developers choose to use when learning about security, and creating the highest quality code. Secure code should be the standard, and we can all lend a hand to make that reality.
Table of contents
Chief Executive Officer, Chairman, and Co-Founder
Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.
Book a demoDownloadResources to get you started
Benchmarking Security Skills: Streamlining Secure-by-Design in the Enterprise
The Secure-by-Design movement is the future of secure software development. Learn about the key elements companies need to keep in mind when they think about a Secure-by-Design initiative.
DigitalOcean Decreases Security Debt with Secure Code Warrior
DigitalOcean's use of Secure Code Warrior training has significantly reduced security debt, allowing teams to focus more on innovation and productivity. The improved security has strengthened their product quality and competitive edge. Looking ahead, the SCW Trust Score will help them further enhance security practices and continue driving innovation.
Resources to get you started
Trust Score Reveals the Value of Secure-by-Design Upskilling Initiatives
Our research has shown that secure code training works. Trust Score, using an algorithm drawing on more than 20 million learning data points from work by more than 250,000 learners at over 600 organizations, reveals its effectiveness in driving down vulnerabilities and how to make the initiative even more effective.
.png)
Reactive Versus Preventive Security: Prevention Is a Better Cure
The idea of bringing preventive security to legacy code and systems at the same time as newer applications can seem daunting, but a Secure-by-Design approach, enforced by upskilling developers, can apply security best practices to those systems. It’s the best chance many organizations have of improving their security postures.
The Benefits of Benchmarking Security Skills for Developers
The growing focus on secure code and Secure-by-Design principles requires developers to be trained in cybersecurity from the start of the SDLC, with tools like Secure Code Warrior’s Trust Score helping measure and improve their progress.
Driving Meaningful Success for Enterprise Secure-by-Design Initiatives
Our latest research paper, Benchmarking Security Skills: Streamlining Secure-by-Design in the Enterprise is the result of deep analysis of real Secure-by-Design initiatives at the enterprise level, and deriving best practice approaches based on data-driven findings.
Developer-driven coding.
Securely.
Contact us today and make software security an intrinsic part of your development process.
