Blog

Secure coding learning that reflects real AI usage

Secure coding learning aligned to real AI usage, developer workflows, and modern software development practices.

AI-assisted development is already becoming part of everyday engineering work.

A developer may manually write core application logic in the morning, use AI to generate test coverage in the afternoon, then review AI-assisted pull requests before the end of the day. The workflows are fluid. The tooling changes quickly. Usage patterns evolve week to week, sometimes team to team.

Historically, secure coding learning operated on relatively fixed cycles — onboarding pathways, annual assignments, broad role-based training, or periodic awareness campaigns. Those models made sense when development tooling evolved more gradually and learning requirements stayed relatively stable over time.

AI-assisted development moves differently. Security teams now need a more responsive way to keep secure coding guidance connected to how developers are actually working in the moment.

Adaptive Learning is designed to help organizations align secure coding learning to real software development activity and software risk signals across the SDLC.

‍That includes AI-assisted development activity, vulnerability findings, and evolving developer behavior tied to how software is actually being built.

In this post, we’re focusing specifically on Adaptive Learning with AI Signals powered by Trust Agent: AI — using AI-assisted development detections to help organizations dynamically align secure coding guidance to developers actively using AI coding tools in day-to-day development work.

Learning That Reflects Real AI Usage

Secure coding learning has always been most effective when it reflects the way developers actually work. Organizations already align learning by role, coding language, technology stack, and vulnerability focus areas to make training more relevant across engineering teams.

AI-assisted development introduces an additional layer of context.

An engineer experimenting with AI-generated Python code today may spend next month reviewing infrastructure-as-code in Terraform or using AI to accelerate frontend testing workflows. Some developers rely heavily on AI coding assistants. Others barely touch them.

Adaptive Learning helps organizations turn AI visibility into targeted secure coding guidance. When Trust Agent: AI identifies AI-assisted development activity, organizations can automatically assign learning aligned to those workflows.

That means developers actively using AI coding assistants can receive targeted learning tied to the work already happening inside their environment — without security teams manually identifying individual developers and repeatedly reassigning learning as AI usage expands across engineering teams.

Adaptive Learning in Practice

Adaptive Learning powered by Trust Agent: AI is designed to fit naturally into existing software development workflows.

Security teams can create targeted learning aligned to secure AI-assisted development practices, then use Trust Agent: AI detections to dynamically assign that learning to developers actively using AI coding tools in their day-to-day workflows. As developers begin interacting with AI-assisted development environments, relevant secure coding guidance is automatically assigned based on that activity.

So now we can detect the AI usage, we can understand where it's happening, and we can trigger that targeted training for the right developers. And that's what I'm gonna show you today, how we take that AI signal and turn it into adaptive learning. So there are a few parts of the process which I'll walk through today. The first piece is in the policy setup on TA, then we can go to the Quest side to trigger the training. For the policy, it's super simple and straightforward. So if you want to ensure that developers who use AI need a training, you can head over to this policy section within configuration. And what you wanna do is ensure that the adaptive AI learning is toggled on. Once that's set up, that's all you need to do on the Trust Agent AI side. In this demo itself, we've already gone ahead and set up the installer and all that piece over here. We have various internal external documentation on how to locally install it or use various scripts like Jamf, there'll be other documentation on that. But in this, like I say, in this demo, I'm just gonna head on with the actual policy setup and the adaptive learning creation. Okay. So now this is set up. I'm over into quests, and what I'm gonna do is create a quest to target the specific learners who have used AI. So So once you're in the quest, if you scroll down and you look at the participant section, what we have now is a new participant type, which is trust agent detection. And what this will do is automatically pull the developers who have been flagged in that TA AI report. So what we're gonna do is select this, and we can start to fill out the rest of the quest like normal. So we give it a title, a badge, we'll scroll down to the objectives. And what's really nice about this is the flexibility that the admins have to define the criteria for the training needed. For example, they can go in and they can select the specific content. So they could just go with Coding With AI. They could go with the AI agents and the protocols as well. For this demo, I'm gonna select both of these and keep them as part of the criteria. I can also then decide the schedule, so I'm gonna use fixed dates, and then I can go ahead and configure some of the quest settings as well. One important area to note is the count pass completions. This again is flexible based on customer's needs where we can define if they want learners to complete the training regardless if they've done any of the content before, or they can set a specific time period like three or six months where they have done it recently. So for this demo, I'm gonna set it to redo all content. Once that's filled out, you can then go ahead and save and publish. Now that's set up. That's gonna be available for them developers that were flagged for the Trust Agent AI, and the two steps are complete from an admin's perspective. So we've gone in and we've set up the policy and made sure that's enabled. And we've gone over to Quest and ensure we've created a Quest that's using the new participation type, the trust agent detection. So what I can do now is quickly log in as a learner just so we can see if they have received that training. So just to quickly show you what it's like from the learner perspective, here I am logged in as a learner. I was one of the learners who flagged up based on AI usage, and therefore, I have now received the quest, which you can see here on the screen. And in the normal process, I would then go through and then go through the topics within the quest. Once I have completed this, then I've completed the quest. And that concludes the demo today. So what I've gone through is really just an overview of the importance of Trust Agent AI and adaptive learning, and then gone through to the demo of the admin experience and then quickly briefly through to the learning experience as well. As always, any questions on adaptive learning, please feel free to reach out. Always happy to help. Thank you very much.

The walkthrough above demonstrates how Adaptive Learning with AI Signals works in practice, including configuring Trust Agent Detection, creating adaptive Quests, dynamically assigning learning, and tracking participation and completion.

For step-by-step setup instructions and configuration details, explore the adaptive Learning with Trust Agent: AI knowledge base article.

Secure Coding Guidance Should Reflect How Developers Actually Work

AI-assisted development is already part of everyday engineering workflows. Developers are moving quickly between AI-generated suggestions, manually written code, automated testing, and pull request review throughout the day.

As those workflows continue evolving, secure coding guidance needs to stay connected to the way software is actually being built.

Adaptive Learning powered by Trust Agent: AI helps organizations do exactly that — aligning learning to real AI-assisted development activity so guidance reaches developers when it is most relevant and actionable.

The result is secure coding guidance that stays relevant as AI tooling evolves — without adding overhead to the security teams responsible for running the program.

View Resource

Fill out the form below to download the report

First Name

Last Name

Company Email

Company

Company Size

Job Role

Country

State

Contact Permission

We would like your permission to send you information on our products and/or related secure coding topics. We’ll always treat your personal details with the utmost care and will never sell them to other companies for marketing purposes.

I would like to hear more from Secure Code Warrior

Submit

To submit the form, please enable 'Analytics' cookies. Feel free to disable them again once you're done.

Secure coding learning aligned to real AI usage, developer workflows, and modern software development practices.

AI-assisted development is already becoming part of everyday engineering work.

A developer may manually write core application logic in the morning, use AI to generate test coverage in the afternoon, then review AI-assisted pull requests before the end of the day. The workflows are fluid. The tooling changes quickly. Usage patterns evolve week to week, sometimes team to team.

Historically, secure coding learning operated on relatively fixed cycles — onboarding pathways, annual assignments, broad role-based training, or periodic awareness campaigns. Those models made sense when development tooling evolved more gradually and learning requirements stayed relatively stable over time.

AI-assisted development moves differently. Security teams now need a more responsive way to keep secure coding guidance connected to how developers are actually working in the moment.

Adaptive Learning is designed to help organizations align secure coding learning to real software development activity and software risk signals across the SDLC.

‍That includes AI-assisted development activity, vulnerability findings, and evolving developer behavior tied to how software is actually being built.

In this post, we’re focusing specifically on Adaptive Learning with AI Signals powered by Trust Agent: AI — using AI-assisted development detections to help organizations dynamically align secure coding guidance to developers actively using AI coding tools in day-to-day development work.

Learning That Reflects Real AI Usage

Secure coding learning has always been most effective when it reflects the way developers actually work. Organizations already align learning by role, coding language, technology stack, and vulnerability focus areas to make training more relevant across engineering teams.

AI-assisted development introduces an additional layer of context.

An engineer experimenting with AI-generated Python code today may spend next month reviewing infrastructure-as-code in Terraform or using AI to accelerate frontend testing workflows. Some developers rely heavily on AI coding assistants. Others barely touch them.

Adaptive Learning helps organizations turn AI visibility into targeted secure coding guidance. When Trust Agent: AI identifies AI-assisted development activity, organizations can automatically assign learning aligned to those workflows.

That means developers actively using AI coding assistants can receive targeted learning tied to the work already happening inside their environment — without security teams manually identifying individual developers and repeatedly reassigning learning as AI usage expands across engineering teams.

Adaptive Learning in Practice

Adaptive Learning powered by Trust Agent: AI is designed to fit naturally into existing software development workflows.

Security teams can create targeted learning aligned to secure AI-assisted development practices, then use Trust Agent: AI detections to dynamically assign that learning to developers actively using AI coding tools in their day-to-day workflows. As developers begin interacting with AI-assisted development environments, relevant secure coding guidance is automatically assigned based on that activity.

So now we can detect the AI usage, we can understand where it's happening, and we can trigger that targeted training for the right developers. And that's what I'm gonna show you today, how we take that AI signal and turn it into adaptive learning. So there are a few parts of the process which I'll walk through today. The first piece is in the policy setup on TA, then we can go to the Quest side to trigger the training. For the policy, it's super simple and straightforward. So if you want to ensure that developers who use AI need a training, you can head over to this policy section within configuration. And what you wanna do is ensure that the adaptive AI learning is toggled on. Once that's set up, that's all you need to do on the Trust Agent AI side. In this demo itself, we've already gone ahead and set up the installer and all that piece over here. We have various internal external documentation on how to locally install it or use various scripts like Jamf, there'll be other documentation on that. But in this, like I say, in this demo, I'm just gonna head on with the actual policy setup and the adaptive learning creation. Okay. So now this is set up. I'm over into quests, and what I'm gonna do is create a quest to target the specific learners who have used AI. So So once you're in the quest, if you scroll down and you look at the participant section, what we have now is a new participant type, which is trust agent detection. And what this will do is automatically pull the developers who have been flagged in that TA AI report. So what we're gonna do is select this, and we can start to fill out the rest of the quest like normal. So we give it a title, a badge, we'll scroll down to the objectives. And what's really nice about this is the flexibility that the admins have to define the criteria for the training needed. For example, they can go in and they can select the specific content. So they could just go with Coding With AI. They could go with the AI agents and the protocols as well. For this demo, I'm gonna select both of these and keep them as part of the criteria. I can also then decide the schedule, so I'm gonna use fixed dates, and then I can go ahead and configure some of the quest settings as well. One important area to note is the count pass completions. This again is flexible based on customer's needs where we can define if they want learners to complete the training regardless if they've done any of the content before, or they can set a specific time period like three or six months where they have done it recently. So for this demo, I'm gonna set it to redo all content. Once that's filled out, you can then go ahead and save and publish. Now that's set up. That's gonna be available for them developers that were flagged for the Trust Agent AI, and the two steps are complete from an admin's perspective. So we've gone in and we've set up the policy and made sure that's enabled. And we've gone over to Quest and ensure we've created a Quest that's using the new participation type, the trust agent detection. So what I can do now is quickly log in as a learner just so we can see if they have received that training. So just to quickly show you what it's like from the learner perspective, here I am logged in as a learner. I was one of the learners who flagged up based on AI usage, and therefore, I have now received the quest, which you can see here on the screen. And in the normal process, I would then go through and then go through the topics within the quest. Once I have completed this, then I've completed the quest. And that concludes the demo today. So what I've gone through is really just an overview of the importance of Trust Agent AI and adaptive learning, and then gone through to the demo of the admin experience and then quickly briefly through to the learning experience as well. As always, any questions on adaptive learning, please feel free to reach out. Always happy to help. Thank you very much.

The walkthrough above demonstrates how Adaptive Learning with AI Signals works in practice, including configuring Trust Agent Detection, creating adaptive Quests, dynamically assigning learning, and tracking participation and completion.

For step-by-step setup instructions and configuration details, explore the adaptive Learning with Trust Agent: AI knowledge base article.

Secure Coding Guidance Should Reflect How Developers Actually Work

AI-assisted development is already part of everyday engineering workflows. Developers are moving quickly between AI-generated suggestions, manually written code, automated testing, and pull request review throughout the day.

As those workflows continue evolving, secure coding guidance needs to stay connected to the way software is actually being built.

Adaptive Learning powered by Trust Agent: AI helps organizations do exactly that — aligning learning to real AI-assisted development activity so guidance reaches developers when it is most relevant and actionable.

The result is secure coding guidance that stays relevant as AI tooling evolves — without adding overhead to the security teams responsible for running the program.

View webinar

Get Started

Click on the link below and download the PDF of this resource.

Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.

View report Book a demo

View Resource

Interested in more?

Author

Shannon Holt is a cybersecurity product marketer with a background in application security, cloud security services, and compliance standards like PCI-DSS and HITRUST.

Shannon Holt is a cybersecurity product marketer with a background in application security, cloud security services, and compliance standards like PCI-DSS and HITRUST. She’s passionate about making secure development and compliance more practical and approachable for technical teams, bridging the gap between security expectations and the realities of modern software development.

Secure coding learning aligned to real AI usage, developer workflows, and modern software development practices.

AI-assisted development is already becoming part of everyday engineering work.

A developer may manually write core application logic in the morning, use AI to generate test coverage in the afternoon, then review AI-assisted pull requests before the end of the day. The workflows are fluid. The tooling changes quickly. Usage patterns evolve week to week, sometimes team to team.

Historically, secure coding learning operated on relatively fixed cycles — onboarding pathways, annual assignments, broad role-based training, or periodic awareness campaigns. Those models made sense when development tooling evolved more gradually and learning requirements stayed relatively stable over time.

AI-assisted development moves differently. Security teams now need a more responsive way to keep secure coding guidance connected to how developers are actually working in the moment.

Adaptive Learning is designed to help organizations align secure coding learning to real software development activity and software risk signals across the SDLC.

‍That includes AI-assisted development activity, vulnerability findings, and evolving developer behavior tied to how software is actually being built.

In this post, we’re focusing specifically on Adaptive Learning with AI Signals powered by Trust Agent: AI — using AI-assisted development detections to help organizations dynamically align secure coding guidance to developers actively using AI coding tools in day-to-day development work.

Learning That Reflects Real AI Usage

Secure coding learning has always been most effective when it reflects the way developers actually work. Organizations already align learning by role, coding language, technology stack, and vulnerability focus areas to make training more relevant across engineering teams.

AI-assisted development introduces an additional layer of context.

An engineer experimenting with AI-generated Python code today may spend next month reviewing infrastructure-as-code in Terraform or using AI to accelerate frontend testing workflows. Some developers rely heavily on AI coding assistants. Others barely touch them.

Adaptive Learning helps organizations turn AI visibility into targeted secure coding guidance. When Trust Agent: AI identifies AI-assisted development activity, organizations can automatically assign learning aligned to those workflows.

That means developers actively using AI coding assistants can receive targeted learning tied to the work already happening inside their environment — without security teams manually identifying individual developers and repeatedly reassigning learning as AI usage expands across engineering teams.

Adaptive Learning in Practice

Adaptive Learning powered by Trust Agent: AI is designed to fit naturally into existing software development workflows.

Security teams can create targeted learning aligned to secure AI-assisted development practices, then use Trust Agent: AI detections to dynamically assign that learning to developers actively using AI coding tools in their day-to-day workflows. As developers begin interacting with AI-assisted development environments, relevant secure coding guidance is automatically assigned based on that activity.

So now we can detect the AI usage, we can understand where it's happening, and we can trigger that targeted training for the right developers. And that's what I'm gonna show you today, how we take that AI signal and turn it into adaptive learning. So there are a few parts of the process which I'll walk through today. The first piece is in the policy setup on TA, then we can go to the Quest side to trigger the training. For the policy, it's super simple and straightforward. So if you want to ensure that developers who use AI need a training, you can head over to this policy section within configuration. And what you wanna do is ensure that the adaptive AI learning is toggled on. Once that's set up, that's all you need to do on the Trust Agent AI side. In this demo itself, we've already gone ahead and set up the installer and all that piece over here. We have various internal external documentation on how to locally install it or use various scripts like Jamf, there'll be other documentation on that. But in this, like I say, in this demo, I'm just gonna head on with the actual policy setup and the adaptive learning creation. Okay. So now this is set up. I'm over into quests, and what I'm gonna do is create a quest to target the specific learners who have used AI. So So once you're in the quest, if you scroll down and you look at the participant section, what we have now is a new participant type, which is trust agent detection. And what this will do is automatically pull the developers who have been flagged in that TA AI report. So what we're gonna do is select this, and we can start to fill out the rest of the quest like normal. So we give it a title, a badge, we'll scroll down to the objectives. And what's really nice about this is the flexibility that the admins have to define the criteria for the training needed. For example, they can go in and they can select the specific content. So they could just go with Coding With AI. They could go with the AI agents and the protocols as well. For this demo, I'm gonna select both of these and keep them as part of the criteria. I can also then decide the schedule, so I'm gonna use fixed dates, and then I can go ahead and configure some of the quest settings as well. One important area to note is the count pass completions. This again is flexible based on customer's needs where we can define if they want learners to complete the training regardless if they've done any of the content before, or they can set a specific time period like three or six months where they have done it recently. So for this demo, I'm gonna set it to redo all content. Once that's filled out, you can then go ahead and save and publish. Now that's set up. That's gonna be available for them developers that were flagged for the Trust Agent AI, and the two steps are complete from an admin's perspective. So we've gone in and we've set up the policy and made sure that's enabled. And we've gone over to Quest and ensure we've created a Quest that's using the new participation type, the trust agent detection. So what I can do now is quickly log in as a learner just so we can see if they have received that training. So just to quickly show you what it's like from the learner perspective, here I am logged in as a learner. I was one of the learners who flagged up based on AI usage, and therefore, I have now received the quest, which you can see here on the screen. And in the normal process, I would then go through and then go through the topics within the quest. Once I have completed this, then I've completed the quest. And that concludes the demo today. So what I've gone through is really just an overview of the importance of Trust Agent AI and adaptive learning, and then gone through to the demo of the admin experience and then quickly briefly through to the learning experience as well. As always, any questions on adaptive learning, please feel free to reach out. Always happy to help. Thank you very much.

The walkthrough above demonstrates how Adaptive Learning with AI Signals works in practice, including configuring Trust Agent Detection, creating adaptive Quests, dynamically assigning learning, and tracking participation and completion.

For step-by-step setup instructions and configuration details, explore the adaptive Learning with Trust Agent: AI knowledge base article.

Secure Coding Guidance Should Reflect How Developers Actually Work

AI-assisted development is already part of everyday engineering workflows. Developers are moving quickly between AI-generated suggestions, manually written code, automated testing, and pull request review throughout the day.

As those workflows continue evolving, secure coding guidance needs to stay connected to the way software is actually being built.

Adaptive Learning powered by Trust Agent: AI helps organizations do exactly that — aligning learning to real AI-assisted development activity so guidance reaches developers when it is most relevant and actionable.

The result is secure coding guidance that stays relevant as AI tooling evolves — without adding overhead to the security teams responsible for running the program.

Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.

Book a demo Download

Resource hub

Resources to get you started

SCW Learning Content for KnowBe4

Secure Code Warrior content available through KnowBe4 helps technical teams build secure coding and AI governance awareness through structured learning covering OWASP Top 10 risks, AI-assisted development, and modern secure coding practices.

Learn More

May 15, 2026

Secure Code Warrior × KnowBe4 partnership

Guides

Stack of white documents with blue text lines on a gradient blue to pink background.

One Pager

Secure AI-driven development with KnowBe4 + Secure Code Warrior

Secure Code Warrior joins KnowBe4 to bring hands-on secure coding training into security awareness programs — covering OWASP, AI development, and 10 languages.

May 13, 2026

Stack of white documents with blue text lines on a blue to pink gradient background.

One Pager

Secure Code Warrior Learning: Secure AI-Driven Development

Secure code for the AI era: Learn how Secure Code Warrior builds developer capability to reduce vulnerabilities and secure AI-generated code at scale.

Apr 27, 2026

Stack of white digital documents with blue lines representing text on a purple and blue gradient background.

One Pager

Trust Agent:AI - Secure and scale AI-Drive development

AI is writing code. Who’s governing it? With up to 50% of AI-generated code containing security weaknesses, managing AI risk is critical. Discover how SCW's Trust Agent: AI provides the real-time visibility, proactive governance, and targeted upskilling needed to scale AI-driven development securely.

Apr 1, 2026

Resource hub

Resources to get you started

Announcing Adaptive Learning: The Antidote to AI Software Security Risk and Skill Gaps

Adaptive Learning bridges SCW Trust Agent with our entire learning platform, ensuring training stays perfectly aligned with real-time developer activity.

Learn More

Jun 1, 2026

Blog

Train developers on the real risks in their code, whether human-written or AI-generated

Adaptive Learning auto-assigns targeted secure coding training to the developers introducing real vulnerabilities, reducing recurring risks at the source.Secure Code Warrior blog banner with a blue overlay over a developer working at a multi-monitor desk displaying code, alongside the headline 'Train developers on the real risks in their code.'l

Jun 1, 2026

Blog

Enabler 4: Low Barrier to User Access

Remove friction from your secure coding program with Enabler 4: Low Barrier to User Access. Explore SSO, front-loaded onboarding, and relay state strategies to get developers training with a single click.

May 14, 2026

Secure Code Warrior and Amazon Bedrock logos side by side on a blue gradient background.

Blog

Equipping Developers for the Generative AI Era: AWS Collaboration

I am proud to announce that Secure Code Warrior has signed a strategic collaboration agreement with Amazon Web Services (AWS). Given the rapid evolution of the threat landscape, this strategic collaboration could not come at a more mission-critical moment for both security leaders and future-focused developers.

May 12, 2026

Secure coding learning that reflects real AI usage

Secure coding learning aligned to real AI usage, developer workflows, and modern software development practices.

Learning That Reflects Real AI Usage

Adaptive Learning in Practice

Secure Coding Guidance Should Reflect How Developers Actually Work

Secure coding learning aligned to real AI usage, developer workflows, and modern software development practices.

Learning That Reflects Real AI Usage

Adaptive Learning in Practice

Secure Coding Guidance Should Reflect How Developers Actually Work

Fill out the form below to download the report

Secure coding learning aligned to real AI usage, developer workflows, and modern software development practices.

Learning That Reflects Real AI Usage

Adaptive Learning in Practice

Secure Coding Guidance Should Reflect How Developers Actually Work

Secure coding learning aligned to real AI usage, developer workflows, and modern software development practices.

Learning That Reflects Real AI Usage

Adaptive Learning in Practice

Secure Coding Guidance Should Reflect How Developers Actually Work

Table of contents

Resources to get you started

SCW Learning Content for KnowBe4

Secure AI-driven development with KnowBe4 + Secure Code Warrior

Secure Code Warrior Learning: Secure AI-Driven Development

Trust Agent:AI - Secure and scale AI-Drive development

Resources to get you started

Announcing Adaptive Learning: The Antidote to AI Software Security Risk and Skill Gaps

Train developers on the real risks in their code, whether human-written or AI-generated

Enabler 4: Low Barrier to User Access

Equipping Developers for the Generative AI Era: AWS Collaboration