Insights from experts shaping secure development

Explore Enabler 2: Senior Leadership Sponsorship. Learn why active buy-in from the CIO, CTO, and CISO is vital to drive developer adoption and program credibility.

While development teams look to make the most of GenAI’s undeniable benefits, we’d like to propose a four-point foundational framework that will allow security leaders to deploy AI coding tools and agents with a higher, more relevant standard of security best practices. It details exactly what enterprises can do to ensure safe, secure code development right now, and as agentic AI becomes an even bigger factor in the future.

Cybermon 2025 Beat the Boss is now available year-round in SCW. Deploy advanced AI/LLM security challenges to strengthen secure AI development at scale.

Kamer van Koophandel shares how it embedded secure coding into everyday development through role-based certifications, Trust Score benchmarking, and a culture of shared security ownership.

See how Paysafe's partnership with Secure Code Warrior led to a 45% boost in developer productivity and a major reduction in code vulnerabilities.

DigitalOcean's use of Secure Code Warrior training has significantly reduced security debt, allowing teams to focus more on innovation and productivity. The improved security has strengthened their product quality and competitive edge. Looking ahead, the SCW Trust Score will help them further enhance security practices and continue driving innovation.

Pieter Danhieux, Co-Founder and CEO of Secure Code Warrior“In recent years, ‘training’ has cemented its place among the best business jargon out there. Cookie-cutter sessions are too often labelled as staff training, just to tick a box. In fast-paced, results-orientated environments, it’s easy to lose sight of the training’s original purpose, which is to upskill and further develop a workforce. Here, the distinctions are important—training is an act, learning is the outcome, and the application of this learning is skill. “With a number of Aussie industries staring down the barrel of a major skills gap, business leaders can no longer afford not to maximise on the job ‘training’. In 2021, the focus must shift to providing valuable learning experiences that are designed to upskill and empower employees. “In the cybersecurity space—where the risks are great and businesses can’t afford to get it wrong—we’ve found a scaffolded approach to learning, coupled with hands-on experiences in a risk-free environment, creates the most effective outcomes. How will you upskill your workforce in 2021?

There's much in store for the future of cybersecurity, and the most interesting things aren't happening on Earth.This column was written with Matias Madou, Chief Technology Officer and Co-Founder of Secure Code Warrior. Cybersecurity predictions are something of a tradition in the security industry, as we look toward the year to come and see what may lie ahead in a field that changes counstantly. Sometimes we're right, and sometimes a once-in-a-generation pandemic comes along and challenges us in ways we could never have expected.

Unfortunately, when speed is everything, developers are often reluctant to prioritize security - so how do you make DevSecOps stick with developers?

AI is writing code. Who’s governing it? With up to 50% of AI-generated code containing security weaknesses, managing AI risk is critical. Discover how SCW's Trust Agent: AI provides the real-time visibility, proactive governance, and targeted upskilling needed to scale AI-driven development securely.

OpenText Application Security and Secure Code Warrior combine vulnerability detection with AI Software Governance and developer capability. Together, they help organizations reduce risk, strengthen secure coding practices, and confidently adopt AI-driven development.

Secure Code Warrior is an AI Software Governance platform designed to enable organizations to safely adopt AI-driven development by bridging the gap between development velocity and enterprise security. The platform addresses the "Visibility Gap," where security teams often lack insights into shadow AI coding tools and the origins of production code.