SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Secure Code Warrior launches offering to help developers adopt a security mindset
Fri, 13th Nov 2020
FYI, this story is more than a year old

Secure Code Warrior, the secure coding company, has launched a new educational offering that simulates realistic situations to help developers extend their coding skills and preparedness.

Called Missions, the solution focuses on interactive coding simulations of real-world applications that encourage developers to experience the real-time impact of poor code practices in a safe environment.

40 missions covering common security vulnerabilities are currently available, all of which are based on real-world scenarios such as the cyber attacks and security breaches Facebook, WhatsApp, GitHub and high-profile banks have faced.

Targeted at developers, engineering leads and software security professionals, Missions challenges coders to experience these complex issues in a safe environment, the company states.

The overall goal is to empower developers to explore different ways to solve each Mission and encourages coders to practice their skills and knowledge, fostering a step-by-step approach to learning, the company states.

Secure Code Warrior co-founder and CEO Pieter Danhieux says, “Missions is like a flight simulator for coders. Just like a pilot who needs to continually train to keep flying, Missions offers practical applications of live code in a hyper-relevant environment designed to encourage coders to understand attacks, practice and perfect their secure coding skills and knowledge.

Danhieux says, “We're levelling up our existing offerings in a logical fashion and creating a progressive, scaffolded approach to building skills.

"It helps developers move from merely recalling knowledge to systematically building upon their experiences and skillset in real-time, fostering valuable secure coding skills that are job-relevant and allowing coders to experience the impact of insecure code first hand, in a safe environment.

Secure Code Warrior Missions are included as part of Secure Code Warriors standard feature set, with seven language frameworks supported at launch, including Java:Spring, C#(.NET):MVC, C#(.NET):Web Forms, Python:Django, Java:Enterprise Edition (JSP), JavaScript:Node.JS and C#:Core.

The new offering is the result of Secure Code Warrior's acquisition of Iceland-based start-up Adversary in April 2020.

A security expert at one of Australia's largest general insurance companies trialled Missions over two weeks.

He says, “Missions problem-solving approach helps developers think and understand security vulnerabilities in-depth, and has increased our teams ability to spot security vulnerabilities in code review.

For developers interested in taking on the mindset of a security researcher, Secure Code Warrior has released a public mission simulating the Unicode vulnerability that impacted GitHub in 2019.

Secure Code Warrior is a secure coding platform designed to help developers think and act with a security mindset. The platform is role-specific for developers and uses a mix of gamification techniques to aid learning and increase adoption across an organisation, the company states.

It supports a wide range of programming languages and frameworks that power modern software, including digital infrastructures such as web apps and services, API, mobile, IoT technology, and legacy systems still in use by major companies around the world.