sb-as logo
Story image

Secure Code Warrior launches offering to help developers adopt a security mindset

Secure Code Warrior, the secure coding company, has launched a new educational offering that simulates realistic situations to help developers extend their coding skills and preparedness.

Called Missions, the solution focuses on interactive coding simulations of real-world applications that encourage developers to experience the real-time impact of poor code practices in a safe environment.

40 missions covering common security vulnerabilities are currently available, all of which are based on real-world scenarios such as the cyber attacks and security breaches Facebook, WhatsApp, GitHub and high-profile banks have faced.

Targeted at developers, engineering leads and software security professionals, Missions challenges coders to experience these complex issues in a safe environment, the company states.

The overall goal is to empower developers to explore different ways to solve each Mission and encourages coders to practice their skills and knowledge, fostering a step-by-step approach to learning, the company states.

Secure Code Warrior co-founder and CEO Pieter Danhieux says, “Missions is like a flight simulator for coders. Just like a pilot who needs to continually train to keep flying, Missions offers practical applications of live code in a hyper-relevant environment designed to encourage coders to understand attacks, practice and perfect their secure coding skills and knowledge.”

Danhieux says, “We’re levelling up our existing offerings in a logical fashion and creating a progressive, scaffolded approach to building skills.

"It helps developers move from merely recalling knowledge to systematically building upon their experiences and skillset in real-time, fostering valuable secure coding skills that are job-relevant and allowing coders to experience the impact of insecure code first hand, in a safe environment.”

Secure Code Warrior Missions are included as part of Secure Code Warriors standard feature set, with seven language frameworks supported at launch, including Java:Spring, C#(.NET):MVC, C#(.NET):Web Forms, Python:Django, Java:Enterprise Edition (JSP), JavaScript:Node.JS and C#:Core.

The new offering is the result of Secure Code Warrior's acquisition of Iceland-based start-up Adversary in April 2020.

A security expert at one of Australia's largest general insurance companies trialled Missions over two weeks.

He says, “Missions problem-solving approach helps developers think and understand security vulnerabilities in-depth, and has increased our teams ability to spot security vulnerabilities in code review.”

For developers interested in taking on the mindset of a security researcher, Secure Code Warrior has released a public mission simulating the Unicode vulnerability that impacted GitHub in 2019.

Secure Code Warrior is a secure coding platform designed to help developers think and act with a security mindset. The platform is role-specific for developers and uses a mix of gamification techniques to aid learning and increase adoption across an organisation, the company states.

It supports a wide range of programming languages and frameworks that power modern software, including digital infrastructures such as web apps and services, API, mobile, IoT technology, and legacy systems still in use by major companies around the world.

Story image
Trend Micro adds cloud-native container security to Cloud One Services Platform
Designed to ease the security of container builds, deployments and runtime workflows, the new service helps developers accelerate innovation and minimise application downtime across Kubernetes environments.More
Story image
Demystifying 'zero trust' and its role in cybersecurity
The principle of ‘zero trust’ in cybersecurity is simple: Trust nothing, and verify everything.More
Story image
Malware variants becoming increasingly prevalent, sophisticated and evolved
"The modern threat landscape and ongoing evolution of malware are loud factors pushing every business to understand and identify modern malware threats and the necessary precautions to take to protect against them."More
Story image
One Identity reaches out to SolarWinds customers following breach
According to the company, this free assessment seeks to help organisations navigate through times of uncertainty as attacks continue to grow in sophistication and complexity across the broad range of identity-centric risks.More
Story image
Sophos Rapid Response puts out the ransomware fire
“Attackers are using a range of techniques and whichever defence has a weakness is how they get in. When one technique fails they move on to the next, until they find a weak spot."More
Story image
Microsoft top targeted brand by cyber criminals in Q4 2020
In Q4, 43% of all brand phishing attempts related to Microsoft (up from 19% in Q3), as threat actors continued to try to capitalise on people working remotely during the COVID-19 pandemic’s second wave. More