Alexa

Super 30 Companies of the Year 2019

Committed to a new era of secure software excellence: Secure Code Warrior

thesiliconreview-pieter-danhieux-ceo-director-cofounder-secure-code-warrior-2019.jpg

Over a decade I saw the same secure coding mistakes being repeated and consultants like me were continually pointing out the problems, but no one was helping developers learn how to fix them, or not make those mistakes again. Learning about security needed to be more relevant and fun for developers and existing training tools were too boring and frankly, not accurate enough. -Pieter Danhieux, CEO

Secure Code Warrior was co-founded by Pieter Danhieux and MatiasMadou Ph.D., two globally recognized security experts. Through their combined security experience as developers, researchers, trainers, and consultants, Pieter and Matias had experienced the negative impact of insecure code and were frustrated by the industry's focus on simply findingvulnerabilities, rather than fixing or preventing them in the first place.

Both recognized that improving secure coding skills and outcomes would add a powerful layer of cyber protection for companies and would help them make better code, faster. Developers didn’t need to become security experts per se, but they could be empowered positively to be the first line of defense for their organization.

Secure Code Warrior makes software development better and more secure. Secure Code Warrior is a proven suite of secure coding tools. They are contained within one powerful platform which moves the focus from reaction to prevention. The platform trains and equips Developers to think and act with a security mindset as they build and verify their skills, gain real-time advice and monitor skill development.

An Innovative Approach to Secure Coding

The team pioneered an innovative approach to improving secure coding skills and outcomes that is simple, scalable and positive; and works for both Development and Security groups. The team is driven by the knowledge that measurable improvements in security compliance, consistency and predictability will be matched by better quality and speed of code writing. And that creates an environment in which everyone can enjoy spending more time building, and less time fixing!

“We Know the Pain of Dev versus Security”:Secure Code Warrior

In a world that depends on software, Secure Code Warrior makes software development better and more secure.

Secure Code Warrior 'starts left' within the Software Development Life Cycle (SDLC); focusing on making the Developer the first line of defense and preventing coding vulnerabilities in the first place. Most current application security tools focus on 'shifting left' in the SDLC – an approach that supports detection and reaction – detect the vulnerabilities in the written code and react to fix them. According to the National Institute of Standards and Technology, it is 30 times more expensive to detect and fix vulnerabilities in committed code than it is to prevent them when writing code in the IDE.

Secure Code Warrior’s unique approach embeds security into the DNA of Developers allowing you to shift left with your Security programs. It includes hands-on training, team and company-wide tournaments, as well as a real-time guidance solution, Sensei, that can be installed in a Developer’s environment to monitor, measure and correct coding mistakes that lead to security vulnerabilities. Secure Code Warrior’slearning content covers over 50 different vulnerability types including the OWASP Top 10. The company continuously revise and update its challenges for new coding frameworks and vulnerability types.

Eighty-five percent of exploited vulnerabilities are attributed to just 10 known vulnerabilities – the OWASP Top 10. Secure Code Warrior’s learning content covers over 40 different vulnerability types, including the OWASP Top 10. Its expert team continuously revise and update its platform with original challenges for new coding frameworks and vulnerability types.

Founding duo

Pieter Danhieux, CEO, Director and Co-Founder:Pieter Danhieux is a globally recognized security expert, with over 12 years’ experience as a security consultant and 8 years as a Principal Instructor for SANS teaching offensive techniques on how to target and assess organizations, systems, and individuals for security weaknesses. In 2016, he was recognized as one of the Coolest Tech people in Australia (Business Insider), awarded Cyber Security Professional of the Year (AISA - Australian Information Security Association) and holds GSE, CISSP, GCIH, GCFA, GSEC, GPEN, GWAPT, GCIA certifications.

MatiasMadou, Ph.D., CTO, Director, and Co-Founder:

Matias is a researcher and developer with more than 15 years of hands-on software security experience. He has developed solutions for companies such as HP Fortify and his own company Sensei Security. Over his career, Matias has led multiple application security research projects which have led to commercial products and boasts over 10 patents under his belt. When he is away from his desk, Matias has served as an instructor for advanced application security training courses and regularly speaks at global conferences including RSA Conference, Black Hat, DefCon, BSIMM, OWASP AppSec, and BruCon. Matias holds a Ph.D. in Computer Engineering from Ghent University, where he studied application security through program obfuscation to hide the inner workings of an application.

“Before I created my own company, I was helping to build tools that were quite good at finding vulnerabilities in code, but they didn’t give any context-sensitive guidance or fix security problems. I wanted to build a solution that would help developers write secure code, that would guide them in real-time when they are writing and help prevent them from introducing a problem and make it trivial to fix. Developers needed their own Sensei for secure coding.”-MatiasMadou, CTO