Going for Gold: Soaring Secure Code Standards at Paysafe
Paysafe helps turn financial transactions into experiences rooted in trust, and they know that providing a secure, seamless platform that processes over $152B in annualized transaction volume requires far more than meeting basic compliance standards. Over the past four years, Paysafe continues to drive a holistic approach to developer risk management through their partnership with Secure Code Warrior, with their application security program demonstrating a positive impact on overall business needs, including:
The Challenge: Elevating Secure Code Standards Across Paysafe
As a multinational online payment provider, Paysafe has always seen secure coding as a strategic priority that extends beyond simply fulfilling PCI DSS compliance requirements. While formal, expert-led classroom training sessions and skill assessments were part of their early efforts, Paysafe’s goal has always been to continuously expand the scope and scale of their secure coding initiative, ensuring a best-in-class approach to application security and that engineers write secure code from the start.
“For us, it’s never been about just checking a box that we have provided training. Our goal is to keep our staff aware of ongoing developments. We are always striving to be better and do more. We want engineering teams and security teams to collaborate. Teams that can develop themselves are more informed and design better code,” said Boyan Hristov, People Development Partner at Paysafe.
Paysafe’s vision was to shift security left, developing security-aware engineers who embed secure coding practices into every stage of the software development lifecycle. To support this, they needed a scalable, engaging, and continuous program that would not only provide audit evidence for PCI compliance purposes, but also drive deep and lasting cultural change. This included gamified learning experiences, regular tournaments, and always-on training to help engage developers and push them to stay at the forefront of industry security trends.
The Solution: A Cutting-Edge Approach with Secure Code Warrior
Paysafe adopted Secure Code Warrior’s Developer Risk Management Platform to help scale secure coding practices, engage engineers and embed security earlier in the development lifecycle. Their Security Champions program has grown over time, with Secure Code Warrior playing a critical role in achieving cyber risk prevention goals.
Paysafe allowed developers to organically engage with the platform, encouraging gamified activities like tournaments with enticing prizes to get developers involved and excited. When the program initially rolled out, they made some assessments mandatory to help meet PCI compliance requirements and offered other content and activities as an option.
As the program gained traction, leadership provided additional support, further aligning the goals of development and infosec teams. This allowed the Paysafe team to take the program to the next level and introduce more formal certification programs with designated KPI and success incentives.
The next phase of the program focused on industry-standard OWASP Top 10 topics, with certification stages allowing developers to advance through various levels of achievement. Now, the program has reached a new level of scale and maturity, elevating the baseline standards for developers across the board, from full-time employees to contingent workers.
“We greatly value the partnership we’ve built with SCW over the past four years. Together we’ve been able to deliver targeted application security training and foster stronger relationships between our security and engineering teams, anchored in a shared commitment to developing secure code the first time, and as early as possible in the SDLC,” says Alan Osborne, Chief Information Security Officer at Paysafe.
With the continued support and alignment of the CISO, CTO and executive leaders across engineering, Paysafe has partnered with Secure Code Warrior to continuously evolve their program. Today, the program is closely aligned with business needs, provides tangible outcomes, and remains relevant and engaging for internal teams.
Results: A New Standard for Secure Code Across the Organization
Paysafe's application security initiatives have improved since the start of their journey four years ago. Through the partnership with Secure Code Warrior, Paysafe has demonstrated the tremendous impact a holistic approach to developer risk management can have across the organization.
Paysafe’s analysis of SAST scan data showed that applications developed by teams trained with Secure Code Warrior showed a notable reduction in vulnerabilities detected during early-stage development scans. The number of vulnerabilities found at first scan decreased further in teams where developers were more actively engaged with the SCW platform.
The team with the highest level of activity and engagement in Secure Code Warrior saw a significant reduction, year over year, in vulnerabilities found during early development phases – highlighting the added value of continuous, skills-based training in reinforcing secure coding habits. Creating secure code from the start saved their team and other teams along the SDLC a significant amount of time. Thousands of development hours were saved by eliminating the need to identify, log and rework code vulnerabilities by preventing them during early development. This resulted in a 45% improvement in developer productivity helping to demonstrate the benefits of secure code upskilling and improving the day-to-day development process. A win-win for engineering and AppSec teams alike.
Paysafe’s dedication to secure code has helped them stand out and achieve a fourth-place ranking SCW Trust Score® within the Banking & Financial Services benchmark. While this is an achievement they are proud of, Paysafe’s commitment to secure code initiatives doesn’t stop there. Encouraged by the results they’ve seen through the partnership with Secure Code Warrior, Paysafe seeks to further elevate the program.
“Secure Code Warrior has helped us increase developer productivity, accelerate our ability to bring products and improvements to market, and significantly reduce costs and risk over time,” says Alan Osborne, Chief Information Security Officer at Paysafe. “We’ve demonstrated that secure coding, driven by enhanced developer training, is not just a ‘nice to have’, but a proven investment that delivers real ROI while strengthening our developers’ skills, experience and capabilities.”
Next up, Paysafe aims to further operationalize its security standards by incorporating additional governance and risk management measures into its process, with SCW Trust Agent deepening its long-standing partnership with Secure Code Warrior and demonstrating its commitment to cybersecurity excellence.
See how Paysafe's partnership with Secure Code Warrior led to a 45% boost in developer productivity and a major reduction in code vulnerabilities.
Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.
Book a demo
Paysafe helps turn financial transactions into experiences rooted in trust, and they know that providing a secure, seamless platform that processes over $152B in annualized transaction volume requires far more than meeting basic compliance standards. Over the past four years, Paysafe continues to drive a holistic approach to developer risk management through their partnership with Secure Code Warrior, with their application security program demonstrating a positive impact on overall business needs, including:
The Challenge: Elevating Secure Code Standards Across Paysafe
As a multinational online payment provider, Paysafe has always seen secure coding as a strategic priority that extends beyond simply fulfilling PCI DSS compliance requirements. While formal, expert-led classroom training sessions and skill assessments were part of their early efforts, Paysafe’s goal has always been to continuously expand the scope and scale of their secure coding initiative, ensuring a best-in-class approach to application security and that engineers write secure code from the start.
“For us, it’s never been about just checking a box that we have provided training. Our goal is to keep our staff aware of ongoing developments. We are always striving to be better and do more. We want engineering teams and security teams to collaborate. Teams that can develop themselves are more informed and design better code,” said Boyan Hristov, People Development Partner at Paysafe.
Paysafe’s vision was to shift security left, developing security-aware engineers who embed secure coding practices into every stage of the software development lifecycle. To support this, they needed a scalable, engaging, and continuous program that would not only provide audit evidence for PCI compliance purposes, but also drive deep and lasting cultural change. This included gamified learning experiences, regular tournaments, and always-on training to help engage developers and push them to stay at the forefront of industry security trends.
The Solution: A Cutting-Edge Approach with Secure Code Warrior
Paysafe adopted Secure Code Warrior’s Developer Risk Management Platform to help scale secure coding practices, engage engineers and embed security earlier in the development lifecycle. Their Security Champions program has grown over time, with Secure Code Warrior playing a critical role in achieving cyber risk prevention goals.
Paysafe allowed developers to organically engage with the platform, encouraging gamified activities like tournaments with enticing prizes to get developers involved and excited. When the program initially rolled out, they made some assessments mandatory to help meet PCI compliance requirements and offered other content and activities as an option.
As the program gained traction, leadership provided additional support, further aligning the goals of development and infosec teams. This allowed the Paysafe team to take the program to the next level and introduce more formal certification programs with designated KPI and success incentives.
The next phase of the program focused on industry-standard OWASP Top 10 topics, with certification stages allowing developers to advance through various levels of achievement. Now, the program has reached a new level of scale and maturity, elevating the baseline standards for developers across the board, from full-time employees to contingent workers.
“We greatly value the partnership we’ve built with SCW over the past four years. Together we’ve been able to deliver targeted application security training and foster stronger relationships between our security and engineering teams, anchored in a shared commitment to developing secure code the first time, and as early as possible in the SDLC,” says Alan Osborne, Chief Information Security Officer at Paysafe.
With the continued support and alignment of the CISO, CTO and executive leaders across engineering, Paysafe has partnered with Secure Code Warrior to continuously evolve their program. Today, the program is closely aligned with business needs, provides tangible outcomes, and remains relevant and engaging for internal teams.
Results: A New Standard for Secure Code Across the Organization
Paysafe's application security initiatives have improved since the start of their journey four years ago. Through the partnership with Secure Code Warrior, Paysafe has demonstrated the tremendous impact a holistic approach to developer risk management can have across the organization.
Paysafe’s analysis of SAST scan data showed that applications developed by teams trained with Secure Code Warrior showed a notable reduction in vulnerabilities detected during early-stage development scans. The number of vulnerabilities found at first scan decreased further in teams where developers were more actively engaged with the SCW platform.
The team with the highest level of activity and engagement in Secure Code Warrior saw a significant reduction, year over year, in vulnerabilities found during early development phases – highlighting the added value of continuous, skills-based training in reinforcing secure coding habits. Creating secure code from the start saved their team and other teams along the SDLC a significant amount of time. Thousands of development hours were saved by eliminating the need to identify, log and rework code vulnerabilities by preventing them during early development. This resulted in a 45% improvement in developer productivity helping to demonstrate the benefits of secure code upskilling and improving the day-to-day development process. A win-win for engineering and AppSec teams alike.
Paysafe’s dedication to secure code has helped them stand out and achieve a fourth-place ranking SCW Trust Score® within the Banking & Financial Services benchmark. While this is an achievement they are proud of, Paysafe’s commitment to secure code initiatives doesn’t stop there. Encouraged by the results they’ve seen through the partnership with Secure Code Warrior, Paysafe seeks to further elevate the program.
“Secure Code Warrior has helped us increase developer productivity, accelerate our ability to bring products and improvements to market, and significantly reduce costs and risk over time,” says Alan Osborne, Chief Information Security Officer at Paysafe. “We’ve demonstrated that secure coding, driven by enhanced developer training, is not just a ‘nice to have’, but a proven investment that delivers real ROI while strengthening our developers’ skills, experience and capabilities.”
Next up, Paysafe aims to further operationalize its security standards by incorporating additional governance and risk management measures into its process, with SCW Trust Agent deepening its long-standing partnership with Secure Code Warrior and demonstrating its commitment to cybersecurity excellence.
Paysafe helps turn financial transactions into experiences rooted in trust, and they know that providing a secure, seamless platform that processes over $152B in annualized transaction volume requires far more than meeting basic compliance standards. Over the past four years, Paysafe continues to drive a holistic approach to developer risk management through their partnership with Secure Code Warrior, with their application security program demonstrating a positive impact on overall business needs, including:
The Challenge: Elevating Secure Code Standards Across Paysafe
As a multinational online payment provider, Paysafe has always seen secure coding as a strategic priority that extends beyond simply fulfilling PCI DSS compliance requirements. While formal, expert-led classroom training sessions and skill assessments were part of their early efforts, Paysafe’s goal has always been to continuously expand the scope and scale of their secure coding initiative, ensuring a best-in-class approach to application security and that engineers write secure code from the start.
“For us, it’s never been about just checking a box that we have provided training. Our goal is to keep our staff aware of ongoing developments. We are always striving to be better and do more. We want engineering teams and security teams to collaborate. Teams that can develop themselves are more informed and design better code,” said Boyan Hristov, People Development Partner at Paysafe.
Paysafe’s vision was to shift security left, developing security-aware engineers who embed secure coding practices into every stage of the software development lifecycle. To support this, they needed a scalable, engaging, and continuous program that would not only provide audit evidence for PCI compliance purposes, but also drive deep and lasting cultural change. This included gamified learning experiences, regular tournaments, and always-on training to help engage developers and push them to stay at the forefront of industry security trends.
The Solution: A Cutting-Edge Approach with Secure Code Warrior
Paysafe adopted Secure Code Warrior’s Developer Risk Management Platform to help scale secure coding practices, engage engineers and embed security earlier in the development lifecycle. Their Security Champions program has grown over time, with Secure Code Warrior playing a critical role in achieving cyber risk prevention goals.
Paysafe allowed developers to organically engage with the platform, encouraging gamified activities like tournaments with enticing prizes to get developers involved and excited. When the program initially rolled out, they made some assessments mandatory to help meet PCI compliance requirements and offered other content and activities as an option.
As the program gained traction, leadership provided additional support, further aligning the goals of development and infosec teams. This allowed the Paysafe team to take the program to the next level and introduce more formal certification programs with designated KPI and success incentives.
The next phase of the program focused on industry-standard OWASP Top 10 topics, with certification stages allowing developers to advance through various levels of achievement. Now, the program has reached a new level of scale and maturity, elevating the baseline standards for developers across the board, from full-time employees to contingent workers.
“We greatly value the partnership we’ve built with SCW over the past four years. Together we’ve been able to deliver targeted application security training and foster stronger relationships between our security and engineering teams, anchored in a shared commitment to developing secure code the first time, and as early as possible in the SDLC,” says Alan Osborne, Chief Information Security Officer at Paysafe.
With the continued support and alignment of the CISO, CTO and executive leaders across engineering, Paysafe has partnered with Secure Code Warrior to continuously evolve their program. Today, the program is closely aligned with business needs, provides tangible outcomes, and remains relevant and engaging for internal teams.
Results: A New Standard for Secure Code Across the Organization
Paysafe's application security initiatives have improved since the start of their journey four years ago. Through the partnership with Secure Code Warrior, Paysafe has demonstrated the tremendous impact a holistic approach to developer risk management can have across the organization.
Paysafe’s analysis of SAST scan data showed that applications developed by teams trained with Secure Code Warrior showed a notable reduction in vulnerabilities detected during early-stage development scans. The number of vulnerabilities found at first scan decreased further in teams where developers were more actively engaged with the SCW platform.
The team with the highest level of activity and engagement in Secure Code Warrior saw a significant reduction, year over year, in vulnerabilities found during early development phases – highlighting the added value of continuous, skills-based training in reinforcing secure coding habits. Creating secure code from the start saved their team and other teams along the SDLC a significant amount of time. Thousands of development hours were saved by eliminating the need to identify, log and rework code vulnerabilities by preventing them during early development. This resulted in a 45% improvement in developer productivity helping to demonstrate the benefits of secure code upskilling and improving the day-to-day development process. A win-win for engineering and AppSec teams alike.
Paysafe’s dedication to secure code has helped them stand out and achieve a fourth-place ranking SCW Trust Score® within the Banking & Financial Services benchmark. While this is an achievement they are proud of, Paysafe’s commitment to secure code initiatives doesn’t stop there. Encouraged by the results they’ve seen through the partnership with Secure Code Warrior, Paysafe seeks to further elevate the program.
“Secure Code Warrior has helped us increase developer productivity, accelerate our ability to bring products and improvements to market, and significantly reduce costs and risk over time,” says Alan Osborne, Chief Information Security Officer at Paysafe. “We’ve demonstrated that secure coding, driven by enhanced developer training, is not just a ‘nice to have’, but a proven investment that delivers real ROI while strengthening our developers’ skills, experience and capabilities.”
Next up, Paysafe aims to further operationalize its security standards by incorporating additional governance and risk management measures into its process, with SCW Trust Agent deepening its long-standing partnership with Secure Code Warrior and demonstrating its commitment to cybersecurity excellence.
Click on the link below and download the PDF of this resource.
Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.
View reportBook a demo
Paysafe helps turn financial transactions into experiences rooted in trust, and they know that providing a secure, seamless platform that processes over $152B in annualized transaction volume requires far more than meeting basic compliance standards. Over the past four years, Paysafe continues to drive a holistic approach to developer risk management through their partnership with Secure Code Warrior, with their application security program demonstrating a positive impact on overall business needs, including:
The Challenge: Elevating Secure Code Standards Across Paysafe
As a multinational online payment provider, Paysafe has always seen secure coding as a strategic priority that extends beyond simply fulfilling PCI DSS compliance requirements. While formal, expert-led classroom training sessions and skill assessments were part of their early efforts, Paysafe’s goal has always been to continuously expand the scope and scale of their secure coding initiative, ensuring a best-in-class approach to application security and that engineers write secure code from the start.
“For us, it’s never been about just checking a box that we have provided training. Our goal is to keep our staff aware of ongoing developments. We are always striving to be better and do more. We want engineering teams and security teams to collaborate. Teams that can develop themselves are more informed and design better code,” said Boyan Hristov, People Development Partner at Paysafe.
Paysafe’s vision was to shift security left, developing security-aware engineers who embed secure coding practices into every stage of the software development lifecycle. To support this, they needed a scalable, engaging, and continuous program that would not only provide audit evidence for PCI compliance purposes, but also drive deep and lasting cultural change. This included gamified learning experiences, regular tournaments, and always-on training to help engage developers and push them to stay at the forefront of industry security trends.
The Solution: A Cutting-Edge Approach with Secure Code Warrior
Paysafe adopted Secure Code Warrior’s Developer Risk Management Platform to help scale secure coding practices, engage engineers and embed security earlier in the development lifecycle. Their Security Champions program has grown over time, with Secure Code Warrior playing a critical role in achieving cyber risk prevention goals.
Paysafe allowed developers to organically engage with the platform, encouraging gamified activities like tournaments with enticing prizes to get developers involved and excited. When the program initially rolled out, they made some assessments mandatory to help meet PCI compliance requirements and offered other content and activities as an option.
As the program gained traction, leadership provided additional support, further aligning the goals of development and infosec teams. This allowed the Paysafe team to take the program to the next level and introduce more formal certification programs with designated KPI and success incentives.
The next phase of the program focused on industry-standard OWASP Top 10 topics, with certification stages allowing developers to advance through various levels of achievement. Now, the program has reached a new level of scale and maturity, elevating the baseline standards for developers across the board, from full-time employees to contingent workers.
“We greatly value the partnership we’ve built with SCW over the past four years. Together we’ve been able to deliver targeted application security training and foster stronger relationships between our security and engineering teams, anchored in a shared commitment to developing secure code the first time, and as early as possible in the SDLC,” says Alan Osborne, Chief Information Security Officer at Paysafe.
With the continued support and alignment of the CISO, CTO and executive leaders across engineering, Paysafe has partnered with Secure Code Warrior to continuously evolve their program. Today, the program is closely aligned with business needs, provides tangible outcomes, and remains relevant and engaging for internal teams.
Results: A New Standard for Secure Code Across the Organization
Paysafe's application security initiatives have improved since the start of their journey four years ago. Through the partnership with Secure Code Warrior, Paysafe has demonstrated the tremendous impact a holistic approach to developer risk management can have across the organization.
Paysafe’s analysis of SAST scan data showed that applications developed by teams trained with Secure Code Warrior showed a notable reduction in vulnerabilities detected during early-stage development scans. The number of vulnerabilities found at first scan decreased further in teams where developers were more actively engaged with the SCW platform.
The team with the highest level of activity and engagement in Secure Code Warrior saw a significant reduction, year over year, in vulnerabilities found during early development phases – highlighting the added value of continuous, skills-based training in reinforcing secure coding habits. Creating secure code from the start saved their team and other teams along the SDLC a significant amount of time. Thousands of development hours were saved by eliminating the need to identify, log and rework code vulnerabilities by preventing them during early development. This resulted in a 45% improvement in developer productivity helping to demonstrate the benefits of secure code upskilling and improving the day-to-day development process. A win-win for engineering and AppSec teams alike.
Paysafe’s dedication to secure code has helped them stand out and achieve a fourth-place ranking SCW Trust Score® within the Banking & Financial Services benchmark. While this is an achievement they are proud of, Paysafe’s commitment to secure code initiatives doesn’t stop there. Encouraged by the results they’ve seen through the partnership with Secure Code Warrior, Paysafe seeks to further elevate the program.
“Secure Code Warrior has helped us increase developer productivity, accelerate our ability to bring products and improvements to market, and significantly reduce costs and risk over time,” says Alan Osborne, Chief Information Security Officer at Paysafe. “We’ve demonstrated that secure coding, driven by enhanced developer training, is not just a ‘nice to have’, but a proven investment that delivers real ROI while strengthening our developers’ skills, experience and capabilities.”
Next up, Paysafe aims to further operationalize its security standards by incorporating additional governance and risk management measures into its process, with SCW Trust Agent deepening its long-standing partnership with Secure Code Warrior and demonstrating its commitment to cybersecurity excellence.
Table of contents
Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.
Book a demoDownloadResources to get you started
.png)
Trust Agent: AI by Secure Code Warrior
This one-pager introduces SCW Trust Agent: AI, a new set of capabilities that provide deep observability and governance over AI coding tools. Learn how our solution uniquely correlates AI tool usage with developer skills to help you manage risk, optimize your SDLC, and ensure every line of AI-generated code is secure.
.avif)
Vibe Coding: Practical Guide to Updating Your AppSec Strategy for AI
Watch on-demand to learn how to empower AppSec managers to become AI enablers, rather than blockers, through a practical, training-first approach. We'll show you how to leverage Secure Code Warrior (SCW) to strategically update your AppSec strategy for the age of AI coding assistants.
Resources to get you started
.avif)
Developer-driven coding.
Securely.
Contact us today and make software security an intrinsic part of your development process.
