GitHub is how people build software. Millions of individuals and organizations around the world use GitHub to discover, share and contribute to software—from games and experiments to popular frameworks and leading applications. Together, we're defining how software is built today.
When GitHub officially announced the general availability of GitHub code scanning, Secure Code Warrior was featured by GitHub as the only developer-centric training provider in their blog post, Third-Party Code Scanning Tools: Static Analysis & Developer Security Training. That's because Secure Code Warrior is uniquely positioned to support the new SARIF standard and integrate with other third-party scanning tools inside the GitHub code scanning ecosystem such as; Snyk, Checkmarx, Fortify On Demand, Synopsis and Veracode.
Our open approach to developer-centric learning empowers development and security teams to not just find vulnerabilities but enrich SAST reports with actionable knowledge. This provides developers with the skills and knowledge when they need it most, preventing vulnerabilities from occurring and reducing the need for rework.
“Pairing integrations from Snyk and Secure Code Warrior with GitHub code scanning is a powerful combination that gives developers security information and education that is both insightful and actionable,” said John Leon, VP of Business Development, GitHub.