Insights from experts shaping secure development
Access expert content on secure coding, AI governance, and software risk management.
Product talk: Coding Labs
Join our Product Talk to see Coding Labs in action, and learn how Secure Code Warrior’s industry-proven, flexible, and tiered approach to learning can help improve developer security maturity.
Accelerating Developer-First Security
Security experts from Allianz, BMW, Siemens, Contrast, and Secure Code Warrior discuss how dev and AppSec can prioritize security without sacrificing deployment speed.
DevOps transformation - Setting a strategy for success
How to determine the right mix of team, tools, teachings, and targets to achieve favorable results
The Importance of Developer Driven Security
The what, the when, and why you should be including your developers more.
Saltworks and Secure Code Warrior: Better together
Preaching the gospel of when developer learning and skill-sets go up, code vulnerabilities go down.
Strengthen left: Develop your security muscle
How to help your developers build and release secure software faster.
The evolving role of the AppSec developer
Changes, causes, and considerations for one of the most important roles on your company's security team.
How to build an AppSec program with a strong foundation
The importance and key approaches to setting a baseline when it comes to strategy development for your AppSec program.
Increase software release velocity with holistic, developer-driven security
AWS + Secure Code Warrior on the importance of increasing the quantity and quality of developer code output.
Shifting left for secure by design
Reduce the risks and costs associated with application security by empowering developers to be the first line of defense of your organization.
How a large healthcare provider transformed its security culture with a developer-driven approach
Join this webinar to hear from Jeff Williams, co-founder and CTO at Contrast Security, and Secure Code Warrior co-founder and CTO, Matias Madou where they will guide us through a conversation with a large healthcare provider who will tell us their story around how they transformed the
Join us at the DEVOPS Conference
Come join us at the DEVOPS Conference this March 8-9 for some insightful talks and a chance to participate at the secure coding tournament. Get your free tickets now!
Shift left security training and vulnerability detection for embedded systems
In this webinar, we consider the challenges organizations face when adopting a security-first approach to development especially within embedded software and how to harness best practices in learning technology and benefit from shifting left to optimize developer secure code training.
Increase software release velocity with holistic, developer-driven security
We know these times may not suit everyone, so if you'd like to listen to the webinar at a more sociable hour please register and we'll send you a recording. With the rise of security breaches stemming from exploitable software vulnerabilities, organizations must look to minimize th
Walkthroughs in courses deep-dive
Learn how our new Walkthrough & Missions immersive hands-on training activities increases developer engagement and progressively up-skill your developers with a proven scaffolded approach to learning.
SCW Trust Score: An Industry-First Metric for Secure Coding Programs
Discover SCW Trust Score, providing deep insights into organizational security and developer competency.
FinServ compliance depends on software security
Regulations governing the financial services industry, such as PCI DSS, emphasize the importance of secure code and the need for training developers in security best practices.
The XZ Utils backdoor in Linux points to a wider supply chain security issue, and we need more than community spirit to keep it at bay
A critical vulnerability, CVE-2024-3094, was discovered in the XZ Utils data compression library used by major Linux distributions, introduced through a backdoor by a threat actor. This high-severity issue allows for potential remote code execution, posing significant risks to software build processes. The flaw affects early versions (5.6.0 and 5.6.1) of XZ Utils in Fedora Rawhide, with an urgent call for organizations to implement patches. The incident underscores the critical role of community volunteers in maintaining open-source software and highlights the need for enhanced security practices and access control within the software development lifecycle.
Kamer van Koophandel Sets the Standard for Developer-Driven Security at Scale
Kamer van Koophandel shares how it embedded secure coding into everyday development through role-based certifications, Trust Score benchmarking, and a culture of shared security ownership.
Going for Gold: Soaring Secure Code Standards at Paysafe
See how Paysafe's partnership with Secure Code Warrior led to a 45% boost in developer productivity and a major reduction in code vulnerabilities.
Devlympics 2023: In Review
Explore the Devlympics 2023 results in this report. Dive into developer engagement, tech stack and languages trends in each industry that participated, and key vulnerabilities and CWEs covered in the annual global event hosted by Secure Code Warrior.
SD Times: AI-Assisted Development Multiplies Human Error: What’s Your AI Governance and Risk Management Strategy?
According to a recent report from Gartner, the rampant use of shadow AI and rogue automation is further fueling the proliferation of AI vulnerabilities. Gartner notes that 32% of IT workers using generative AI tools at work say they keep them hidden from cybersecurity teams. Combined with low-code/no-code platforms and vibe coding practices, the AI copilots are greatly expanding the enterprise attack surface.
Cybersecurity Tribe: What Separates Real AI Governance From Policy Theater
For this article, we asked a central question for security and risk leaders: "What differentiates a policy that genuinely mitigates enterprise risk from one that exists primarily to demonstrate that the organization has acknowledged AI risk?"
Secure Code Warrior Learning: Enable Secure AI-Driven Development at Scale
Trust Agent:AI - Secure and scale AI-Drive development
AI is writing code. Who’s governing it? With up to 50% of AI-generated code containing security weaknesses, managing AI risk is critical. Discover how SCW's Trust Agent: AI provides the real-time visibility, proactive governance, and targeted upskilling needed to scale AI-driven development securely.
The Power of OpenText Application Security + Secure Code Warrior
OpenText Application Security and Secure Code Warrior combine vulnerability detection with AI Software Governance and developer capability. Together, they help organizations reduce risk, strengthen secure coding practices, and confidently adopt AI-driven development.