Security software company, Secure Code Warrior (SCW), will join the Australian USA Cybersecurity Mission at the RSA 2018 Conference, with a focus on showcasing how companies can quickly strengthen their cybersecurity posture by making developers the “first line of defense.”
SCW has built an innovative online, hands-on, gamified SaaS Learning Platform that actively engages developers to learn and build their secure coding skills. Within the platform, there is a new real-time security coaching and correction plug-in called Sensei, that helps developers as they write, from the first line of code.
Since commercializing the SCW platform in 2015, leading global financial services, telecommunications and technology companies rely on it to improve their code security across their entire global development teams, both in-house and outsourced. Customers include all of Australia’s top 6 banks, 10 of the world’s top global banks, as well as many leading telco, retail and tech giants.
In 2017, SCW had 5x revenue growth, 3x employee growth and opened offices in the US (Boston), Belgium (Bruges) and UK (London).
SCW’s Co-Founder and CEO Pieter Danhieux, said the majority of the world’s major hacks in the past decade were enabled by vulnerabilities created through insecure applications.
“These could be prevented at their source, in real time by empowering developers and guiding them how to write secure code,” Danhieux said.
Danhieux viewed the rapid pace of new customers onboarding SCW around the world as a positive sign that more companies are recognizing the importance of building security excellence into their code.
“This reduces their exposure, and we are seeing compelling results such as significantly reduced vulnerabilities and an improved relationship between the security and development teams.”
Matias Madou Ph.D., who is CTO and Co-founder of Secure Code Warrior and former product research lead at HP Fortify, said many companies still focused most of their software security efforts on detecting vulnerabilities in written code and then fixing them, rather than coding securely from the start.
“Apart from the developer-security angst this approach creates, it is about 30 times more expensive to detect and fix vulnerabilities in committed code than it is to prevent them when writing code in the IDE", Madou said.
Madou believes empowering developers to code securely is the next wave of significant security posture improvement opportunity.
“There is no longer any excuse for companies to have their developers as the first line of risk. They should become the first line of defense.”
Pieter Danhieux is a globally recognised security expert, with over 12 years’ experience as a security consultant and 8 years as a Principal Instructor for SANS teaching offensive techniques on how to target and assess organisations, systems and individuals for security weaknesses. In 2016, he was recognised as one of the Coolest Tech people in Australia (Business Insider), awarded Cyber Security Professional of the Year (AISA - Australian Information Security Association) and holds GSE, CISSP, GCIH, GCFA, GSEC, GPEN, GWAPT, GCIA certifications.
Matias is a researcher and developer with more than 15 years of hands-on software security experience. He has developed solutions for companies such as HP Fortify and his own company Sensei Security. Over his career, Matias has led multiple application security research projects which have led to commercial products and boasts over 10 patents under his belt. When he is away from his desk, Matias has served as an instructor for advanced application security training courses and regularly speaks at global conferences including RSA Conference, Black Hat, DefCon, BSIMM, OWASP AppSec and BruCon. Matias holds a Ph.D. in Computer Engineering from Ghent University, where he studied application security through program obfuscation to hide the inner workings of an application.