Insights from experts shaping secure development
Access expert content on secure coding, AI governance, and software risk management.
Walkthroughs in courses deep-dive
Learn how our new Walkthrough & Missions immersive hands-on training activities increases developer engagement and progressively up-skill your developers with a proven scaffolded approach to learning.
Upskilling, the missing link to close the security gap for AppSec
Hear from Peter Robinson, Head of Security at Zip, and Jaap Singh, Co-Founder of Secure Code Warrior & AppSec Trainer for an insightful discussion on why upskilling cybersecurity skills within the workforce is essential to closing the security gap.
The ROI of developer-driven security
Everyone wants a good return on their investment when it comes to investing in their techstack or additional training programs, but when it comes to security, one needs to be playing a long game that goes beyond calculating simple ROI. Learn how investment in developer-driven security will not only save on the expense of expensive breaches, the loss of productivity, and accumulated tech--debt, but create a proactive and cost-effective strategy to stay ahead of today’s threat landscape.
The path to security champions
How Workday utilized agile secure learning to upskill developers.
People, process, and technology
Join us in conversation with Vis Chirravuri to learn first-hand how he has developed people, process, and technology approaches for his secure code learning program
Security maturity in development teams: what, and how?
In this webinar, Scott Shapiro, SCW’s Director of Product Marketing, will discuss the different stages of security maturity in developer teams and the pitfalls to avoid when working to improve security maturity, and shift security left.

FinServ compliance depends on software security
Regulations governing the financial services industry, such as PCI DSS, emphasize the importance of secure code and the need for training developers in security best practices.

The XZ Utils backdoor in Linux points to a wider supply chain security issue, and we need more than community spirit to keep it at bay
A critical vulnerability, CVE-2024-3094, was discovered in the XZ Utils data compression library used by major Linux distributions, introduced through a backdoor by a threat actor. This high-severity issue allows for potential remote code execution, posing significant risks to software build processes. The flaw affects early versions (5.6.0 and 5.6.1) of XZ Utils in Fedora Rawhide, with an urgent call for organizations to implement patches. The incident underscores the critical role of community volunteers in maintaining open-source software and highlights the need for enhanced security practices and access control within the software development lifecycle.

Reaping the benefits of AI innovation depends on starting with secure code
Generative AI offers financial services companies a lot of advantages, but also a lot of potential risk. Training developers in security best practices and pairing them with AI models can help create secure code from the start.

Kamer van Koophandel: Developer-Driven Security at Scale
Kamer van Koophandel shares how it embedded secure coding into everyday development through role-based certifications, Trust Score benchmarking, and a culture of shared security ownership.
Going for Gold: Soaring Secure Code Standards at Paysafe
See how Paysafe's partnership with Secure Code Warrior led to a 45% boost in developer productivity and a major reduction in code vulnerabilities.

Devlympics 2023: In Review
Explore the Devlympics 2023 results in this report. Dive into developer engagement, tech stack and languages trends in each industry that participated, and key vulnerabilities and CWEs covered in the annual global event hosted by Secure Code Warrior.

ITWire: Agentic AI Era Demands Overhaul of Governance Frameworks
The emergence of agentic AI marks a structural shift in software development, introducing systems that not only accelerate production cycles but also perform autonomous reasoning and action beyond direct human control.

SecurityWeek: How to Conduct a Successful Audit of AI-Driven Software Development
As AI-generated code becomes commonplace, CISOs need new audit strategies to measure developer practices, govern AI tool usage, and identify software risks before they reach production.
IT Brief: A strategic blueprint for governing AI-enabled software development
According to a recent survey, more than seven in ten developers who have used AI coding tools report relying on them on a daily basis. However, many organisations still lack clear visibility into how these tools are influencing production code, creating governance gaps at a time when demand is accelerating and delivery timelines are tightening.

Citizen AI by Secure Code Warrior
AI risk doesn't stop at engineering. Get the one-pager on Citizen AI — build AI literacy and safe habits across your whole workforce.

Understand how AI is transforming software development—and how security must evolve with it.
From AI autocomplete to autonomous agents—explore how software development is evolving and what it means for security, governance, and your team.
%252520(1).png)




.webp)

