SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers

Video: 10 Minute IT Jams - An update from Secure Code Warrior

Wed, 9th Mar 2022

Today, it is not just banks and technology giants that are writing software: nearly every business, from high street retailers to household brands, is a technology shop. Behind this transformation are firms like Secure Code Warrior, an Australian company on a mission to make the digital world safer by helping developers write more secure code.

Peter Danhieux, co-founder and chief executive of Secure Code Warrior, sat down for a conversation to discuss the company's mission, innovations, and global ambitions. "What we're trying to do is give developers skills and tools that will help them write secure code faster," he said. But their remit goes further, offering chief security officers and chief information officers real insights into how their development teams are performing from a security perspective.

Danhieux said two major trends are shaping the need for Secure Code Warrior's services. "Software development is basically speeding up a lot and a lot of companies are turning into technology shops. It's not only the banks anymore and technology companies, but it is everybody from Lego, IKEA – they're all writing code on devices," he explained. While this democratisation of coding powers business innovation, it also introduces new risks. "The number of breaches that we're seeing is increasing every single day. I've been in the space for about 20 years, and there was like one breach a year in the early 2000s. Now it's roughly about one a day, right? You open up the newspaper, the first thing you see is that a company got breached or hacked, and usually it's because of software or a badly written coding pattern," he said.

It is this rising threat that drives Secure Code Warrior's approach: to stem the tide of breaches by arming developers with better knowledge and tools. "We're trying to help solve that problem," he affirmed.

When it comes to teaching software security, Secure Code Warrior employs an approach that Danhieux likens to learning how to drive. "You can watch a video, you can read a book, you can sit in the car or you can basically go on the road and drive with the car, right? And what we're doing is we're taking the developer through that exact same journey," he said. Theory is important, but hands-on experience is essential. "We're giving them the knowledge, the theory, the book, the video on why what can happen if you're driving safely. But then we're putting the developer into a car, into a simulated environment, where they can experience what it is to have an accident or how to get breached, and then how to avoid getting breached and how to fix your code... All of that is in a hands-on experience which we've gamified and made fun," Danhieux explained.

This "practical simulator", as he calls it, immerses developers in realistic scenarios tailored to their specific language or technology framework. "A developer that is writing in C++ for embedded systems is very different than a developer that is writing code for a mobile app, right? So we need to build things that are really context specific for the environment they're working in," he said.

Secure Code Warrior's mission is not just external. Danhieux is quick to note that his own software teams must set an example. "We are a cybersecurity company, which means that we cannot afford to get breached. Like, we as a cybersecurity company getting breached – that would be really bad," he said with a chuckle. The company strives to "build in security into every single developer in your company," by giving employees tools integrated into their source code repositories and development pipelines. "Internally we are focused on speed of delivery but making sure that it's secure as well," he added.

Over the past few years, Secure Code Warrior has grown from its Sydney headquarters to become a global business with offices in Boston, Portland, Iceland and London. However, the roots remain proudly Antipodean. "We started out as a company in Sydney, so we were born and bred and built here. Now today we have offices in Boston and Portland and Iceland and London, so we're a bigger company now," Danhieux said. "But still the core headquarters is here in Australia, where we have our customers, our customer function, our product team, our engineering team – it is kind of all sitting here."

He describes Secure Code Warrior as an "Australian company that still has a lot of resources in this market that has kind of gone global since 2016."

Partnership is also a key aspect of Secure Code Warrior's operations. "We have a specific partner team that will work with technology partners where we can integrate products with their products. We have a partner team where we can go sell and do marketing things together," he explained. Their annual "Dev Olympics" event unites developers from around the world to compete in secure coding, with past tournaments involving notable technology brands and more than 1,500 developers participating globally. "Those developers were competing to be the best developer from a security perspective, and we had a prize and a whole fun environment," Danhieux said.

For customers or partners wanting to engage with Secure Code Warrior, Danhieux emphasises that global collaborations are welcomed and encouraged, with dedicated teams and a focus on shared innovation. Events like the Dev Olympics are designed with a broader goal in mind. "One of the things we wanted to do is create global awareness around this problem around secure software," he said.

As cyberattacks become a daily occurrence and businesses increasingly become software-driven, the urgency of building secure code is greater than ever. Secure Code Warrior stands at the intersection of these trends, prepared to champion not just best practice, but best experience for the next generation of coders.

On what keeps Danhieux and his team motivated, he concluded simply, "The whole idea is to immerse them into a practical simulator into an environment where they can learn about the good and the bad things on what to do in their coding stack."
