Blog

Secure coding learning that reflects real AI usage

June 1, 2026

Shannon Holt

Secure coding learning aligned to real AI usage, developer workflows, and modern software development practices.

AI-assisted development is already becoming part of everyday engineering work.

A developer may manually write core application logic in the morning, use AI to generate test coverage in the afternoon, then review AI-assisted pull requests before the end of the day. The workflows are fluid. The tooling changes quickly. Usage patterns evolve week to week, sometimes team to team.

Historically, secure coding learning operated on relatively fixed cycles — onboarding pathways, annual assignments, broad role-based training, or periodic awareness campaigns. Those models made sense when development tooling evolved more gradually and learning requirements stayed relatively stable over time.

AI-assisted development moves differently. Security teams now need a more responsive way to keep secure coding guidance connected to how developers are actually working in the moment.

Adaptive Learning is designed to help organizations align secure coding learning to real software development activity and software risk signals across the SDLC.

‍That includes AI-assisted development activity, vulnerability findings, and evolving developer behavior tied to how software is actually being built.

In this post, we’re focusing specifically on Adaptive Learning with AI Signals powered by Trust Agent: AI — using AI-assisted development detections to help organizations dynamically align secure coding guidance to developers actively using AI coding tools in day-to-day development work.

Learning That Reflects Real AI Usage

Secure coding learning has always been most effective when it reflects the way developers actually work. Organizations already align learning by role, coding language, technology stack, and vulnerability focus areas to make training more relevant across engineering teams.

AI-assisted development introduces an additional layer of context.

An engineer experimenting with AI-generated Python code today may spend next month reviewing infrastructure-as-code in Terraform or using AI to accelerate frontend testing workflows. Some developers rely heavily on AI coding assistants. Others barely touch them.

Adaptive Learning helps organizations turn AI visibility into targeted secure coding guidance. When Trust Agent: AI identifies AI-assisted development activity, organizations can automatically assign learning aligned to those workflows.

That means developers actively using AI coding assistants can receive targeted learning tied to the work already happening inside their environment — without security teams manually identifying individual developers and repeatedly reassigning learning as AI usage expands across engineering teams.

Adaptive Learning in Practice

Adaptive Learning powered by Trust Agent: AI is designed to fit naturally into existing software development workflows.

Security teams can create targeted learning aligned to secure AI-assisted development practices, then use Trust Agent: AI detections to dynamically assign that learning to developers actively using AI coding tools in their day-to-day workflows. As developers begin interacting with AI-assisted development environments, relevant secure coding guidance is automatically assigned based on that activity.

So now we can detect the AI usage, we can understand where it's happening, and we can trigger that targeted training for the right developers. And that's what I'm gonna show you today, how we take that AI signal and turn it into adaptive learning. So there are a few parts of the process which I'll walk through today. The first piece is in the policy setup on TA, then we can go to the Quest side to trigger the training. For the policy, it's super simple and straightforward. So if you want to ensure that developers who use AI need a training, you can head over to this policy section within configuration. And what you wanna do is ensure that the adaptive AI learning is toggled on. Once that's set up, that's all you need to do on the Trust Agent AI side. In this demo itself, we've already gone ahead and set up the installer and all that piece over here. We have various internal external documentation on how to locally install it or use various scripts like Jamf, there'll be other documentation on that. But in this, like I say, in this demo, I'm just gonna head on with the actual policy setup and the adaptive learning creation. Okay. So now this is set up. I'm over into quests, and what I'm gonna do is create a quest to target the specific learners who have used AI. So So once you're in the quest, if you scroll down and you look at the participant section, what we have now is a new participant type, which is trust agent detection. And what this will do is automatically pull the developers who have been flagged in that TA AI report. So what we're gonna do is select this, and we can start to fill out the rest of the quest like normal. So we give it a title, a badge, we'll scroll down to the objectives. And what's really nice about this is the flexibility that the admins have to define the criteria for the training needed. For example, they can go in and they can select the specific content. So they could just go with Coding With AI. They could go with the AI agents and the protocols as well. For this demo, I'm gonna select both of these and keep them as part of the criteria. I can also then decide the schedule, so I'm gonna use fixed dates, and then I can go ahead and configure some of the quest settings as well. One important area to note is the count pass completions. This again is flexible based on customer's needs where we can define if they want learners to complete the training regardless if they've done any of the content before, or they can set a specific time period like three or six months where they have done it recently. So for this demo, I'm gonna set it to redo all content. Once that's filled out, you can then go ahead and save and publish. Now that's set up. That's gonna be available for them developers that were flagged for the Trust Agent AI, and the two steps are complete from an admin's perspective. So we've gone in and we've set up the policy and made sure that's enabled. And we've gone over to Quest and ensure we've created a Quest that's using the new participation type, the trust agent detection. So what I can do now is quickly log in as a learner just so we can see if they have received that training. So just to quickly show you what it's like from the learner perspective, here I am logged in as a learner. I was one of the learners who flagged up based on AI usage, and therefore, I have now received the quest, which you can see here on the screen. And in the normal process, I would then go through and then go through the topics within the quest. Once I have completed this, then I've completed the quest. And that concludes the demo today. So what I've gone through is really just an overview of the importance of Trust Agent AI and adaptive learning, and then gone through to the demo of the admin experience and then quickly briefly through to the learning experience as well. As always, any questions on adaptive learning, please feel free to reach out. Always happy to help. Thank you very much.

The walkthrough above demonstrates how Adaptive Learning with AI Signals works in practice, including configuring Trust Agent Detection, creating adaptive Quests, dynamically assigning learning, and tracking participation and completion.

For step-by-step setup instructions and configuration details, explore the adaptive Learning with Trust Agent: AI knowledge base article.

Secure Coding Guidance Should Reflect How Developers Actually Work

AI-assisted development is already part of everyday engineering workflows. Developers are moving quickly between AI-generated suggestions, manually written code, automated testing, and pull request review throughout the day.

As those workflows continue evolving, secure coding guidance needs to stay connected to the way software is actually being built.

Adaptive Learning powered by Trust Agent: AI helps organizations do exactly that — aligning learning to real AI-assisted development activity so guidance reaches developers when it is most relevant and actionable.

The result is secure coding guidance that stays relevant as AI tooling evolves — without adding overhead to the security teams responsible for running the program.

Share on social

Govern AI-driven development before it ships

Measure AI-assisted risk, enforce secure coding policy at commit, and accelerate secure delivery across your SDLC.

Book a demo

About the author

Shannon Holt

Shannon Holt is a cybersecurity product marketer with a background in application security, cloud security services, and compliance standards like PCI-DSS and HITRUST. She’s passionate about making secure development and compliance more practical and approachable for technical teams, bridging the gap between security expectations and the realities of modern software development.

Sr. Product Marketing Manager

Resource hub

Resources to get you started

Lorem ipsum diam quis enim lobortis scelerisque fermentum dui faucibus in ornare quam viverra orci sagittis eu volutpat odio facilisis.

Jun 23, 2026

Customer Showcase Webinar: Danske Bank

Danske Bank shares how they built a thriving secure coding culture — key strategies, real results, and lessons you can replicate. Watch on demand.

libros blancos

Jun 23, 2026

Understand how AI is transforming software development—and how security must evolve with it.

From AI autocomplete to autonomous agents—explore how software development is evolving and what it means for security, governance, and your team.

Seguridad del software

Jun 23, 2026

Why most CISOs are navigating AI adoption blindfolded (and how they can remove it)

Today, Secure Code Warrior issued an all-new white paper covering a prescriptive, directional AI adoption model that security leaders can use to identify their adoption stage and make real progress in bringing the AI security risks within their organization under control.

Enablers of success

Jun 18, 2026

Enabler 5: Certification Programs

Move beyond one-and-done training. Enabler 5 builds multi-level certification programs that give developers meaningful progression and validated skills.