TUESDAY MARCH 4TH 2019. Bugcrowd, the #1 crowdsourced security company, and Secure Code Warrior, a global secure coding company, announced they are partnering to provide a more robust framework for bridging the gap between security and development teams. Bugcrowd and Secure Code Warrior will provide contextual training and remediation advice to customers’ software and security teams based on validated vulnerabilities found through Bugcrowd. This will result in faster fixing, improved development lifecycles, and promote more secure code writing.
An increasing number of breaches have necessitated a fundamental shift in approach, and the historical divide between security and engineering is slowly disappearing. Today, addressing security early in the software development life cycle is essential to preventing data breaches. A recent study found that 62 percent of respondents have a formal or informal DevSecOps team — up just 13 percent the year prior. The partnership between Secure Code Warrior and Bugcrowd is enabling this “shift-left” thinking.
Through this collaboration, developers can access the Secure Code Warrior training modules most relevant to the unique set of vulnerabilities Bugcrowd identifies during the security testing process. This promotes rapid return on investment for organizations by helping them to:
Reduce overhead in the identification and remediation of vulnerabilities
Connect, quantify, and systematically reduce risk for trending vulnerabilities
Accelerate go-to-market for more secure products and services.
“Bugcrowd is focused on improving the security of our digitally-connected world — this means going beyond vulnerability identification to educate the next generation of cyber defenders, which includes helping builders write more secure code,” said Casey Ellis, founder and CTO at Bugcrowd. “By embedding information from training tools platform into the Bugcrowd platform, we can prevent entire vulnerability categories from reappearing and help facilitate the necessary collaboration between security and development teams. We are proud to partner with Secure Code Warrior to empower customers to find and fix faster, as well as build better from the start.”
“Our mission at Secure Code Warrior is to help developers create secure software from the start — it’s not about just shifting left, but starting left,” said Pieter Danhieux, chairman and CEO at Secure Code Warrior. “Many developers want to write secure code but often are not aware of the insecure coding patterns, and many companies don’t provide such role-specific training so we’re seeing the same coding mistakes being made. Our partnership with Bugcrowd is a natural progression for us to address this. By building real-world scenarios into our platform, developers will become more security aware, receiving better secure coding training which will ultimately help them on their journey to build more secure software from the beginning.”
Bugcrowd is the #1 crowdsourced security company. More Fortune 500 organizations trust Bugcrowd to manage their bug bounty, vulnerability disclosure, and next gen pen test programs. Bugcrowd’s award-winning platform combines actionable, contextual intelligence with the skill and experience of the world’s most elite hackers to help leading organizations solve security challenges, protect customers, and make the digitally connected world a safer place. Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners. Learn more at www.bugcrowd.com.
ABOUT SECURE CODE WARRIOR
Secure Code Warrior is the global secure coding company that makes software development better and more secure. Our vision is to empower Developers to be the first line of defense in their organization by making security highly visible and providing them with the skills and tools to write secure code from the beginning.
We have built a powerful platform that moves the focus from reaction to prevention, training and equipping developers to think and act with a security mindset as they build and verify their skills, gain real-time advice and monitor skill development. Our customers include financial institutions, telecommunications providers and global technology companies in Europe, North America and the Asia Pacific.