SYDNEY, BOSTON, LONDON, BRUGES – 12 November 2020: Global secure coding company, Secure Code Warrior®, has today launched Missions—hands-on, interactive coding simulations of real-world applications that encourage developers to experience the real-time impact of poor code practices in a safe environment. Missions is the result of Secure Code Warrior’s acquisition of Iceland-based start-up Adversary in April 2020.
40 missions covering common security vulnerabilities are currently available, all of which are based on real-world scenarios like the cyber-attacks and security breaches Facebook, WhatsApp, GitHub and high-profile banks have faced. Targeted at developers, engineering leads and software security professionals, Missions challenges coders to experience these complex issues in a safe environment. This empowers developers to explore different ways to solve each Mission and encourages coders to practice their skills and knowledge, fostering a step-by-step approach to learning.
Pieter Danhieux, Co-Founder and CEO of Secure Code Warrior, said, “Missions is like a flight simulator for coders. Just like a pilot who needs to continually train to keep flying, Missions offers practical applications of live code in a hyper-relevant environment designed to encourage coders to understand attacks, practice and perfect their secure coding skills and knowledge.”
“We’re levelling up our existing offerings in a logical fashion and creating a progressive, scaffolded approach to building skills. It helps developers move from merely recalling knowledge to systematically building upon their experiences and skillset in real-time, fostering valuable secure coding skills that are job-relevant and allowing coders to experience the impact of insecure code first hand, in a safe environment,” Danhieux concluded.
Secure Code Warrior Missions are included as part of Secure Code Warrior’s standard feature set, with seven language frameworks supported at launch, including Java:Spring, C#(.NET):MVC, C#(.NET):Web Forms, Python:Django, Java:Enterprise Edition (JSP), JavaScript:Node.JS and C#:Core.
UK security expert Colin Domoney, who has trialed Missions over the past fortnight said, “During my time as an AppSec Manager at Deutsche Bank, one of my biggest challenges was demonstrating to development teams the very real threats coding flaws represented to the business.”
“Missions makes it easy to demonstrate how code can be compromised—a developer can view an app’s browser window and code on a single screen, they’re shown how an attacker could exploit vulnerabilities, and then do the exploit first-hand. I wish I’d had this several years ago,” Domoney said.
For developers interested in taking on the mindset of a security researcher, Secure Code Warrior has released a public mission simulating the Unicode vulnerability that impacted GitHub in 2019. To solve GitHub’s deceptively simple, yet complex vulnerability and find out more about Missions, visit securecodewarrior.com/products/missions
