Media Release

Australian banks leading with "Developers as the First Line of Defence" approach to application security

August 22, 2017

Australian banks are leading the charge globally to develop a strong security mindset among their software developers according to Pieter Danhieux, leading secure software evangelist and co-founder of Australian start-up Secure Code Warrior.

Danhieux said five out of Australia's top six banks were now actively engaging their developers to build secure coding skills through Secure Code Warrior's online, self-paced, gamified learning environment, as well as reviewing real-time metrics and reporting to verify the strengths and weaknesses of their developers and teams. The first contract was AUDM with one major bank in August 2016, followed by contracts with four more since then.

"Traditional banks have come under strong pressure from non-traditional competitors to accelerate their speed-to-market, enhance quality and increase flexibility. This has led them to adopt more agile development frameworks which focus on rapid development of features and functions at the expense of security," said Danhieux.
"The average cost of a data breach now stands at USD.6M and the odds of a company being impacted are as high as one in four. Most of the world's major security breaches to coding errors which allows hackers to gain more privileges on computer networks, giving them access to harvest critical data," he added.

Mr Danhieux cited breaches in recent years including Qatar National Bank, VTech, Mossack-Fonseca (Panama Papers), and TalkTalk where hackers took advantage of poor software security practices.

Danhieux, long-time ethical hacker, Principal Instructor for the SANS Institute and AISA's 2016 Cyber Security Professional of the Year, strongly supports Agile Development methodologies that integrate security from the start, practices employed by many tech companies and an increasing number of financial services institutions.

"The shift to Agile Development has some great speed benefits for companies and customers, but it has created significant new challenges with respect to preventing security vulnerabilities. Every developer now needs security built into their DNA, maintaining speed but reducing security bugs which are typically expensive to fix."

Secure Code Warrior was founded in Sydney and London in 2015 when Danhieux, his business partner John Fitzgerald and three other aussie cybersecurity professionals, decided they wanted to help software developers embrace security as a core responsibility of their job.

"Current application security tools focus on moving from right to left in the Software Development Life Cycle (SDLC), an approach that supports detection and reaction - detect the vulnerabilities in the written code and react to fix them. We focus on the extreme left of the SDLC, making the developer the first line of defence in their organisation and helping to prevent vulnerabilities from happening in the first place," said Mr Danhieux.

The fast-growing start-up now has offices in Sydney, London, Belgium and Boston and leading financial services, telecommunications and technology customers in nine countries. The company now has 10,000 active users and has doubled its customers and tripled its revenue in the last six months.

Craig Davies, CEO of the Australian Cyber Security Growth Network (AustCyber) predicts that this type of hands-on evidence based training will become a fundamental activity for organisations developing applications.

"Companies who code securely from the start will not only significantly reduce their risk but strip out huge costs and delays with their product innovation," says Mr Davies.

Danhieux has been impressed with the Australian banks, who he says recognised that the risk was real and have been quick to reduce their exposure. "The pace of new customers onboarding Secure Code Warrior around the world makes it clear that financial service institutions everywhere are recognising the importance of building security excellence into every line of code, and that Secure Code Warrior is an easy solution to address the challenge rapidly and sustainably."

标语

Govern AI-driven development before it ships

Measure AI-assisted risk, enforce secure coding policy at commit, and accelerate secure delivery across your SDLC.

book a demo
标语

Explore more articles

Lorem Issum diam quis eim leboutis ein selerisque lobortis sepitis beelrisque lobortis sepitis celerisque lobortis celeriskue filmentis celeriskue filmentis celeriskue diam

browse all
Case Study
Filter Label
This is some text inside of a div block.

Supercharged Security Awareness: How Tournaments are Inspiring Developers at Erste Group

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Learn More
Case Study
Filter Label
This is some text inside of a div block.

Security as culture: How Blue Prism cultivates world-class secure developers

Learn how Blue Prism, the global leader in intelligent automation for the enterprise, used Secure Code Warrior's agile learning platform to create a security-first culture with their developers, achieve their business goals, and ship secure code at speed

Learn More
Case Study
Filter Label
This is some text inside of a div block.

One Culture of Security: How Sage built their security champions program with agile secure code learning

Discover how Sage enhanced security with a flexible, relationship-focused approach, creating 200+ security champions and achieving measurable risk reduction.

Learn More
Case Study
Filter Label
This is some text inside of a div block.

ITWire: Agentic AI Era Demands Overhaul of Governance Frameworks

The emergence of agentic AI marks a structural shift in software development, introducing systems that not only accelerate production cycles but also perform autonomous reasoning and action beyond direct human control.

Learn More
Case Study
Filter Label
This is some text inside of a div block.

SD Times: Platform Engineering & Developer Experience: Making Engineers Faster Without Making Them Reckless: SD Times 100

This category has taken on new urgency in 2026 for a reason that’s specific to this moment: AI coding tools and agents are dramatically increasing how much code gets written and how often it needs to be deployed, tested, and provisioned for. Platform engineering is the layer that determines whether that increased velocity translates into shipped value or into chaos.

Learn More
Case Study
Filter Label
This is some text inside of a div block.

SecurityWeek: How to Conduct a Successful Audit of AI-Driven Software Development

As AI-generated code becomes commonplace, CISOs need new audit strategies to measure developer practices, govern AI tool usage, and identify software risks before they reach production.

Learn More

Secure AI-driven development before it ships

See developer risk, enforce policy, and prevent vulnerabilities across your software development lifecycle.

Book a demo