Secure Code Warrior Reviews

Its a fun and educational way to learn and practice coding skills. The hints and feedback provided are really helpful in guiding developers.

The IDE is frustrating and sometimes the problems feel like they prioritize tricks over helping developers shift left on security.

Secure Code Warrior solves the issue of code security practice by providing a platform where our developers learn and improve their skills. This has improved the security of our code.

Most of all, I liked finding vulnerabilities in non-obvious places when passing tests.

Some tests contain completely unexpected answers, but most of the answers are obvious if you read the test description carefully.

I have become much more careful when implementing SOAP calls. Refactoring has been done in some places when working with XML.

very simple platform, and we all noticed results very fast.

If anything the interface is a bit dark?

It is helping us reduce the amount of vulnerabilities we release.

Increase the awareness in secure coding.

Making us secure code experts.

Secure Code Warrior's UI is excellent as it is visually pleasing, and the gamified elements keep it fresh and entertaining.

Currently, there are limited accessibility features for users who have visual disabilities.

Secure Code Warrior is helping us to have a platform we can trust to deliver learning opportunities to our developers. By outsourcing this, we know that the education taught is quality. As Secure Code Warrior works with the National Security Cyber Centre and various frameworks and standards, we know our developers are learning what they need to know to develop secure code.

It is extremely easy to pick up Secure Code Warrior and it's fun too. It feels like you're playing and game and before you know it, you're learning how to write secure code!

Secure Code Warrior was not a good fit for Software Testers. However, this changed with Missions. Everyone I have spoken to, be it Developers or QAs, enjoys playing SCW Missions. I feel the platform could be improved further with Missions that were tailored toward black box penetration testing.

Try it.

Secure Code Warrior has helped to raise awareness of security vulnerabilities, educate how the vulnerabilities can be exploited, highlight the damage the exploitation can cause to a business, and show best practices to prevent the vulnerabilities.

That the customer success team is easygoing and super helpful.

I have nothing that comes to mind. I am really satisfied.

Do it! It will be a great experience and the customer success team will contribute to that.

Improve developer's knowledge of secure development.

We can easily see the developers participating and using the platform to improve their knowledge.

Wide coverage of SW languages and frameworks and relevant training materials

A user access role in the product can be bound to a Developer or an Admin, not to both. We need Admins to be able to train themselves.

Training our developers so they can fix vulns

The best part of Secure Code Warrior is how the UI is fun and interactive, which helps keep developers interested and focused on the tasks at hand, and also helps make them want to take part on their own accord.

There isn't much to dislike. Sometimes the hints are less helpful than they could be as they will take away an answer rather than give more details about it, however, this is something that we raised with the Secure Code Warrior team and they took this on board and have already started working on better ways to represent the hints to give the developers the best experience when completing their courses.

I work in the application security department of my company, and as such, it is my responsibility to ensure the developers are coding securely. With the help of Secure Code Warrior courses, I can ensure that every developer is trained to look out for certain threat vectors, and how to overcome them when they are coding. This sets a standard where we know the developers are keeping security in mind whilst creating new features which in turn helps reduce the number of vulnerabilities pushed to development. If a vulnerability is created and pushed to development, the cost to fix this is 10x more than if it was handled correctly to begin with. Secure Code Warrior helps to make sure the 'shift left' security methodology is applied effectively and sets a standard of knowledge you can prove across the business with the assessments the developers must pass.

The ability to be hands-on to learn secure coding as a sofware developer/programmer. As a beginner in secure coding, I can refer to the resources section (videos). As an intermediate level, I can play with challenges on the training or courses ground. As an expert, I can take assessments or participate in timed-tournaments. SCW is for every skill level of a developer.

The GUI sometimes shapes out when operating it at high loads (prolonged period of use).

While there are tens of other tools in the market on secure coding, SecureCodeWarrior is the best platform that works for every software developer in the world, whatever skill level s/he is at. I recommend every company in the market that makes software for any business reasons to use SecureCodeWarrior as a training platform on secure coding to their developers.

Multiple.

1. Every software developer who joins the company is trained on OWASP Top 10 (at awareness level, at high skilled level). Based on secure coding skill, we can assign the developer to low sensitive or high sensitve projects.

2. PCI DSS compliance enforces software developers undergo the mandatory training. Thankfully, SCW provides secure coding course as compliant with PCI-DSS. This helps to showcase the developer's attendance and completion report during PCI-DSS audits.

I love how Secure Code Warrior provides concrete examples of vulnerable code. It is often difficult to find straightforward examples of vulnerable code in applications.

Sometimes it is unclear what the path to exploitation was even after being presented with the suggested fix for the vulnerability. I would love to see a video or written explanation of how an attacker might exploit the vulnerability in the provided example and how the approved patch fixes the vulnerability.

I highly recommend that you give Secure Code Warrior a try and maybe even require your developers to complete at least one module in a language of their choice.

Secure Code Warrior helps solve the problem of developers not having much exposure to real-world vulnerabilities. By providing examples of what vulnerable code looks like, developers are more likely to consider security when writing code.