Insights from experts shaping secure development
Access expert content on secure coding, AI governance, and software risk management.
OWASP LASCON
We are proud to be a Gold Sponsor for OWASP LASCON 2026 in Austin, TX! Join us at the Norris Conference Center as we gather with over 400 web developers and security professionals to share cutting-edge ideas in application security.
BSides Frankfurt
We are excited to host a secure coding tournament at BSides Frankfurt! Join us on the Goethe-Universität Frankfurt campus for a hands-on competition where you can test your ability to identify and fix real-world vulnerabilities. Whether you are a seasoned developer or a security newcomer, this is a fantastic opportunity to collaborate, sharpen your skills, and help build a more secure local tech community.
OWASP Global AppSec EU
Can’t wait to sponsor OWASP Global AppSec EU Conference, marking its 25th anniversary from June 22–26, 2026, at the Austria Center in Vienna. Join us and over 800 other experts to explore the vibrant exhibitor hall, participate in the Meet the Mentor program, and earn CPE credits, all while enjoying exclusive networking receptions. Don’t forget to connect and stop by our booth!
Gartner Security & Risk Management Summit
Join us at Gartner Security & Risk Management Summit, from June 1-3, 2026, in National Harbor, Maryland. We’re excited to join CISOs and cybersecurity leaders to gain expert insights on AI, risk resilience, and evolving threat landscapes to strengthen their organization's security posture. Don’t forget to connect and stop by our booth!
Sweven Test Future Webinar
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt laborum.
Gold Coast BSides
We are excited to host a secure coding tournament at BSides Goldie! Join us on the Gold Coast Australia for a hands-on competition where you can test your ability to identify and fix real-world vulnerabilities. Whether you are a seasoned developer or a security newcomer, this is a fantastic opportunity to collaborate, sharpen your skills, and help build a more secure local tech community.
Sweven Test Past Webinar
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt laborum.
From Shadow AI to AI Software Governance: Regaining Visibility Across Your Codebase
Join Secure Code Warrior’s Matias Madou, CTO, and Tamim Noorzad, Director of Product, to learn how AI Software Governance provides the visibility and insight needed to manage AI-assisted development at scale.
OT Summit Madrid
Join us at the OpenText Summit Madrid 2026, an in‑person event designed to show how AI, cloud, and secure information management are powering a new generation of intelligent enterprises.
Cyber Security Summit
The Cyber Security Summit takes place on April 28th and 29th and is a premier conference that assembles top-tier experts, innovators, and exhibitors to showcase the latest trends, resilient IT strategies, and industry best practices. Don’t miss this opportunity to stop by our booth and connect with us!
FS-ISAC FinCyber Today Canada
We are ready to discuss developer risk management at FS-ISAC FinCyber Today Canada. We help financial institutions mitigate application risk by empowering their developers with secure code learning. Join us at our booth in the Solutions Hall to see how we can strengthen your security posture.
OWASP BASC
We are excited to sponsor OWASP BASC on April 11 in Boston, MA. This is the premier application security conference that brings together security professionals, developers, and researchers to advance the field of application security in Boston.
Tech Council Parliamentary Innovation Showcase
A flagship event of the Tech Council of Australia (TCA), the Parliamentary Innovation Showcase 2026 offers a fantastic opportunity for decision-makers, industry leaders, academics, and tech enthusiasts to explore cutting-edge technologies, exchange ideas, and gain insight into the future of research, investment, and innovation.
RSA Conference
We’re heading San Francisco to the RSA Conference 2026 to discuss. We help organizations empower developers with the skills to write secure code from the start. Join us at booth #250 in the South Expo Hall to see how we can build a community of security-driven developers in your organization.
Developer Security Proficiency: Accelerating Vulnerability Remediation with Integrated AST and Secure Developer Upskilling
Stop just finding vulnerabilities and start fixing them for good. Detecting a bug is only half the battle. To achieve true Secure by Design, security insights must translate into fast, effective remediation. Join experts Eric Johnson from Secure Code Warrior and Steven Zimmerman from Black Duck on March 18 to learn how to bridge the gap between detection and developer upskilling.
Mitigating technical debt with developer-driven security
The cost of addressing insecure code and subsequent technical debt is one of the biggest obstacles facing tech today. Learn how implementing a scalable secure code training program helps to reduce technical debt by addressing poor coding patterns and detecting vulnerabilities early in the software development cycle.
How do developers define "secure coding"?
The perception of what constitutes the act of secure coding is up for debate. According to recent research in collaboration with Evans Data, this sentiment was revealed in black and white. The State of Developer-Driven Security 2022 survey delves into the key insights and experiences of 1200 active developers, illuminating their attitudes and challenges in the security realm.
Secure Code Warrior turns 8: All aboard the rocket ship
This week, we officially celebrate eight years of Secure Code Warrior. On the one hand, that’s 350 times the length of the Apollo 11 mission, as well as the equivalent of 45,000 games of football, or playing Super Mario Odyssey 5696 times to the end. On the other, it’s just one-thirtieth the lifespan of a Giant Tortoise (250 years, if you’re wondering). In the world of a high-growth startup, it represents a journey of many twists, turns, lessons, and accomplishments, many of which were unimaginable when we were first inking our business plan.
Kamer van Koophandel Sets the Standard for Developer-Driven Security at Scale
Kamer van Koophandel shares how it embedded secure coding into everyday development through role-based certifications, Trust Score benchmarking, and a culture of shared security ownership.
Going for Gold: Soaring Secure Code Standards at Paysafe
See how Paysafe's partnership with Secure Code Warrior led to a 45% boost in developer productivity and a major reduction in code vulnerabilities.
Devlympics 2023: In Review
Explore the Devlympics 2023 results in this report. Dive into developer engagement, tech stack and languages trends in each industry that participated, and key vulnerabilities and CWEs covered in the annual global event hosted by Secure Code Warrior.
SD Times: AI-Assisted Development Multiplies Human Error: What’s Your AI Governance and Risk Management Strategy?
According to a recent report from Gartner, the rampant use of shadow AI and rogue automation is further fueling the proliferation of AI vulnerabilities. Gartner notes that 32% of IT workers using generative AI tools at work say they keep them hidden from cybersecurity teams. Combined with low-code/no-code platforms and vibe coding practices, the AI copilots are greatly expanding the enterprise attack surface.
Cybersecurity Tribe: What Separates Real AI Governance From Policy Theater
For this article, we asked a central question for security and risk leaders: "What differentiates a policy that genuinely mitigates enterprise risk from one that exists primarily to demonstrate that the organization has acknowledged AI risk?"
Software is your colleague: A new perspective to strengthen access control and API security
APIs act like flawed humans; is treating them as such the key to better cybersecurity?
The developer security maturity matrix
Building security maturity in development teams can be approached in stages. Based on our experience with 400+ organizations, we've identified common practices and traits in three different stages of security maturity - defining, adopting, and scaling.