BOSTON & SYDNEY--(BUSINESS WIRE)--Secure application development platform provider Secure Code Warrior (SCW) today launched Coders Conquer Security: Share and Learn, a weekly blog series, authored by Product Evangelist and Security Engineer Jaap Karan Singh, that includes videos and hands-on challenges covering the top thirty security vulnerabilities found in software applications today.
Each week, beginning today December 6, a new post will take an in-depth exploration of one security vulnerability, rounding out the top thirty risks developers need to be able to defend against. The series will cover the OWASP Top 10 and far beyond, creating a free library of guides and training aimed at helping junior developers write better, more secure code. The first posts will focus on cross-site scripting and SQL injection, with subsequent releases delving into vulnerabilities such as typecasting, unrestricted file uploads and LDAP injection.
Co-founder and CEO of Secure Code Warrior, Pieter Danhieux, supports organizations in building a formidable security culture within their development teams, utilizing the SCW platform to deliver them the right knowledge, tools and positive engagement to make a significant impact towards security best practice. A push towards this holistic solution has proved measurably beneficial, with one of Secure Code Warrior’s customers reporting a 60% increase in secure development capability across a group of hundreds of developers. They required their developers to play a single, five-minute challenge every day for two months, testing their skills before and after the training period and observed this significant improvement.
Danhieux said that providing junior developers with helpful, free guides and training on finding and fixing security vulnerabilities is aimed at lifting engagement and interest in secure coding, especially for developers who lack experience with significant security theory:
“With so many developers leaving formal education institutions without good security knowledge, and most companies not providing adequate security training, we knew this was a gap we could help address. It is our aim to provide these free blogs, videos, and challenges to all developers to showcase the top vulnerabilities, and most importantly, how to fix them. It is this sense of achievement and upskilling that could spark a whole new interest in secure coding for developers while improving their personal standard of code.”
A new Coders Conquer Security guide will appear weekly on the Secure Code Warrior blog from December 6, and will feature the following:
From there, it is hoped that junior developers will work on their security mindset and champion secure code within their teams.
“I would love to see more developers championing security, fostering a higher standard within their team. Often, this can be key to successful risk mitigation and getting developer and security teams working together more efficiently. Secure Code Warrior can certainly continue to assist this upskilling with our highly engaging, gamified online training.” Danhieux said.
The Coders Conquer Security: Share and Learn Series will begin from December 6 and can be found at https://insights.securecodewarrior.com.
DigitalOcean's use of Secure Code Warrior training has significantly reduced security debt, allowing teams to focus more on innovation and productivity. The improved security has strengthened their product quality and competitive edge. Looking ahead, the SCW Trust Score will help them further enhance security practices and continue driving innovation.
DigitalOcean's use of Secure Code Warrior training has significantly reduced security debt, allowing teams to focus more on innovation and productivity. The improved security has strengthened their product quality and competitive edge. Looking ahead, the SCW Trust Score will help them further enhance security practices and continue driving innovation.
The promise of artificial intelligence writing complex code at the touch of a button is intriguing, but the reality is that AI will need a lot of help from human developers to craft truly secure and reliable code.