The global software company - an Australian scale-up - has bolstered its guided learning pathways with hands-on coding simulations of real-world applications. These items are all designed to foster a security-first mindset in software developers.
Missions was officially integrated into Secure Code Warrior's learning platform in August 2020, following the company’s acquisition of Icelandic start-up Adversary. In the time since 85% of customers have embraced the offensive coding simulations of real-world software vulnerabilities. These Missions challenge developers to experience the impact of poor code practices, and to solve vulnerabilities through secure coding in a safe environment. Today’s announcement sees Missions embedded into courses.
Walkthroughs will further immerse developers in these real-world scenarios providing context and explicit instructions to showcase the risk of insecure code to organisations. 18 walkthroughs have been added to course templates, including a simulation of the Apache path traversal vulnerability and coverage of the OWASP top 10 list for 2021.
Pieter Danhieux, co-founder and CEO of Secure Code Warrior, said the addition of Missions and Walkthroughs to Courses has levelled up the organisation’s offering to provide developer education that embeds intrinsic security.
“Missions is a hands-on, offensive simulation of what coders face in their day-to-day development. By practising in scenarios that are as close to real-world situations as possible, our coders are able to recognise security flaws and combat them in real-time,” Danhieux said.
“With the addition of Walkthroughs and Missions to Courses, we have elevated our unique, scaffolded approach to developer education. Developers at every stage are able to progressively upskill in their preferred language/framework and build critical skills that are transferable to the code-base they use every day, enabling our customers to release quality, secure code faster.”
49 missions covering common security vulnerabilities are available in 42 languages and frameworks, all of which are based on real-world scenarios like the cyber-attacks and security breaches Facebook, WhatsApp, GitHub and high-profile banks have faced.