Was hält Entwicklungsteams nachts wach, wenn es um sicheres Programmieren geht?
.avif)
Unsafe code cost company million — what is also the einführung safe coding practices in the way?
In einer Welt, die fast alles auf Software angewiesen ist, Es ist von wesentlicher Bedeutung, dafür zu sorgen, dass der Code sicher ist. The call of the market and the financial rentability has from. But there many concerns about safe coding — and many hindernis are their complete and effective introduction in the way. More as you before is an new work method required. Im Jahr 2020 beauftragte Evans Data Corp. daher Secure Code Warrior mit der Durchführung von Primärforschungen* zur Einstellung von Entwicklern und ihren Managern zu sicherem Programmieren, sicheren Codeverfahren und Sicherheitsvorgängen (Whitepaper herunterladen) hier).
Derzeit ist das Unternehmen schwer, sichere Code-Praktiken zu implementieren. Developer and manager taking with security lücken and the responsibility for code as special responsibility.
Es ist klar, dass bessere Schulungen und ein Programm erforderlich sind, das sichere Codepraktiken unterstützt. This need is clear, if we Developer and their manager after their concerns in the relationship with safe coding. Unsere Forschung* haben gezeigt, dass diese beiden Gruppen dieselben grundlegenden Bedenken teilen. Aufgrund ihrer unterschiedlichen Rollen unterscheiden sie sich jedoch darin, welche diese Anschauungen am dringenden sind.
The main problem for Developer is the „Input of code, the earlier security lücken repliziert“. The Developer are considered by the quality their codes, is not surprise. No Developer will be the source of unsecure code — or by code, the be revised must and the team verlangsamt sein.
Das zweitwichtigste Problem für Entwickler ist der Umgang mit Fehlern, die von Mitarbeitern verursacht wurden. The compliance of terms and the responsibility for code are also always above in the list — also the fact that that learn of secure code is a challenge, was another requirement of a new process for the training of secure code.
Manager see the rather from above after below.
As teammanager and teamleiter is her main employees, are responsible for the code. Wenn ein Team Code produziert, liegt der schwarze Peter beim Manager.
Code, der frühere Sicherheitslücken repliziert, folgt an zweiter Stelle. The fact that the learning process is a challenge, is an dritter Stelle. Wie aktuell sicheres Codetraining The actions are not successful, Manager detect that an new approach is required.
Hindernisse für die Einführung sicherer Codierungspraktiken
As we manager after the hindernissen, the introduction safe coding practices in their organizations, are two dings loud and clearly out: communication and training.
45% nannten einen Mangel an Kommunikation zwischen Stakeholdern und Management als erhebliches Hindernis. 42% beklagen den Mangel an sicheren Programmierkenntnissen bei Neueinstellungen. Gleichzeitig gaben 40 Prozent an, dass die Schulungszeit und die Ressourcen unzureichend waren.
Es gibt prozess- und personalbezogene hindernisse, die der erfolgreichen Einführung sicherer Code-Praktiken in allen Unternehmen entgegenwirken.
Aber trotz dieser hartnäckigen Probleme können Sie immer noch Fortschritte erzielen. The lack an secure programming knowledge with new settings and insufficient training and resources are easily.
Developer are an vorderster Front, wenn es darum geht, Sicherheitslücken zu schließen. But you receive the support, tools and training to their part of security agreement?
Aufgrund ihrer Bedenken lautet die kurze Antwort „Nein“.
The truth is, the right training should not feel as a vorlesung.
Secure Code Warrior, an human guided approach, the development in the area of the safe coding, the Developer active into into into into their functions in the area of the safe coding. Unsere bewährte Lernplattform bietet entwicklungs- und sicherheitsteams kontextbezogenes und hochrelevantes Lernen innerhalb ihrer präferierten Arbeitsabläufe. Ty allows them not only to find security lacks, but also to prevent that they occur any.
This art of practice orientation training is an gelegenheit for further training — a karriereschritt, the only for Developer of advantage is, they are ernst to close my security lacks and with the rest of the team connect to create an more code standard.
Wenn Sie mehr erfahren und die potenziellen Auswirkungen auf die Fähigkeit Ihrer Teams sehen möchten, „von links anzufangen“ und den sicheren Code schneller zu versenden, ohne die Sicherheit zu gefährden, book now a demo.
*Output of the reaction to prevention: The wandelnde face of application security. Secure Code Warrior and Evans Data Corp. 2020
Govern AI-driven development before it ships
Measure AI-assisted risk, enforce secure coding policy at commit, and accelerate secure delivery across your SDLC.
Explore more blogs
Lorem ipsum diam quis enim lobortis scelerisque fermentum dui faucibus in ornare quam viverra orci sagittis eu volutpat odio facilisis.
%252520%252520(3).avif)
Supercharged Security Awareness: How Tournaments are Inspiring Developers at Erste Group
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Security as culture: How Blue Prism cultivates world-class secure developers
Learn how Blue Prism, the global leader in intelligent automation for the enterprise, used Secure Code Warrior's agile learning platform to create a security-first culture with their developers, achieve their business goals, and ship secure code at speed

One Culture of Security: How Sage built their security champions program with agile secure code learning
Discover how Sage enhanced security with a flexible, relationship-focused approach, creating 200+ security champions and achieving measurable risk reduction.
.webp)
Why most CISOs are navigating AI adoption blindfolded (and how they can remove it)
Today, Secure Code Warrior issued an all-new white paper covering a prescriptive, directional AI adoption model that security leaders can use to identify their adoption stage and make real progress in bringing the AI security risks within their organization under control.
Secure AI-driven development before it ships
See developer risk, enforce policy, and prevent vulnerabilities across your software development lifecycle.

