We have an extensive catalog of challenges and missions covering a large number of different vulnerability types - including OWASP Top 10, find out more here.
Our challenges are continuously revised and updated with new challenges and new language:frameworks to cover new vulnerability types. Right now, we have thousands of challenges in different languages:frameworks covering the OWASP Top 10, OWASP Mobile Top 10, OWASP API Security Top 10, CWE and SANS Top 25. If you don’t see your language:framework of choice, drop us a note.
Our platform can measure a developer’s progress throughout their secure coding journey. Depending upon account configuration, Administrators, Team Managers and Developers have the ability to track progress on challenges completed, time spent on training, strengths and weaknesses and accuracy and confidence score.
Secure Code Warrior is available on an annual subscription. Our user-based pricing scales to support the size and needs of your organisations AppSec program.
Yes, we offer tiered pricing starts at 100+ users with full access to the platform.
Current application security tools focus on moving from right to left in the Software Development Life Cycle (SDLC) – an approach that supports detection and reaction – detect the vulnerabilities in the written code and react to fix them. Secure Code Warrior starts at the extreme left of the SDLC with a focus on making the developer the first line of defense in their organization and preventing vulnerabilities in the first place.
We limit the storage of any Customer or Personal Identifiable data as much as possible and any customer data is stored in production systems only and saved until the customer decides to delete it, or his license is not extended and the customer requests to delete the data. For more information, read here.
No. We have new developers with little secure code experience and seasoned developers with lots of experience on the platform. For new developers, we have built in Learning and Knowledge Transfer to help them shape their basic skills and understanding of the leading vulnerabilities. As their skills develop and, like seasoned developers, they become more aware they are challenged by the gamified engagement and increasingly difficulty of the content challenges to constantly improve and become a Secure Code Warrior.
Yes, the training is self-paced. According to Deloitte’s “Meet the Modern Learner,” typically 1% of a typical workweek is all that employees have to focus on training and development. Our platform is built to ensure that this available time is hands-on and effective but it is also designed with the goal that Developers can utilise it outside work hours. On-demand learning in an 'everywhere available' format is critical for today’s learner.
Yes, all the data that we create in our training/evaluation platform is downloadable by the Training Administrator in your organization anytime that they log into the Secure Code Warrior Portal.
We have a fully-integrated support system built into the platform through which we can communicate with an individual developer who requests help. We can also accept feedback on the platform and individual challenges in the platform from any User through the platform. We also provide email support to Training Administrators as required.