The Silicon Review
Secure Code Warrior was co-founded by Pieter Danhieux and MatiasMadou, two globally recognized security experts. Through their combined security experience as developers, researchers, trainers, and consultants, Pieter and Matias had experienced the negative impact of insecure code and were frustrated by the industry's focus on finding vulnerabilities, rather than fixing or preventing them. Both recognized that improving secure coding skills and outcomes would add a powerful layer of cyber protection for companies and would help them make better, faster code. Developers didn’t need to become security experts, but they could be empowered positively to be the first line of defense for their organization.
The team pioneered an innovative approach to improving secure coding skills and outcomes that is simple, scalable and positive, for both development and security teams. The team is driven by the knowledge that measurable improvements in security compliance, consistency and predictability will be matched by better quality and speed of code writing. And that creates an environment in which everyone can enjoy spending more time building, and less time fixing!
Why Secure Code Warrior
With Secure Code Warrior, Clients can empower their developers to code securely, achieving rapid improvements in security compliance and consistency, as well as enhance the quality and speed of code writing. The more clients’ teams use the tools in its platform, the better they’ll become at coding securely and the less time and money will be spent on fixing bugs.
In a world that depends on software, developers need to be the first line of defense for any company's security strategy.
Secure Code Warrior is a proven suite of secure coding tools within one powerful platform that moves the focus from reaction to prevention. The platform trains and equips developers to think and act with a security mindset as they build and verify their skills, gain real-time advice, and monitor skill development.
Training: Secure Code Warrior’splatform enables developers to view their progress throughout their journey. They can see which challenges they have completed, their strengths and weaknesses, time spent on training, and their accuracy. The gamified aspect of the platform offers hints and allows developers to earn points and collect badges, with anonymized leaderboards for teams.
The company is constantly expanding and updating the platform. Its platform currently has hundreds of short challenges, covering over 50 common vulnerabilities, including the OWASP top 10. It is also constantly updating its suite of languages and frameworks, and creating new challenges daily.
Tournament: Tournament on the Secure Code Warrior platform allows organizations to run competitive and engaging events that get the whole developer community involved.Players will be presented with a series of vulnerable code challenges that will ask them to identify the problem, locate the insecure code, and fix the vulnerability. All challenges are based on the OWASP Top 10 and they can choose from a range of software languages to compete in the tournament, including Java EE, Java Spring, C# MVC, C# WebForms, Ruby on Rails, Python Django, Scala Play, and Node.JS.Throughout the tournament, developers will earn points and they can watch as they climb to the top of the leaderboard and be crowned the ‘Secure Code Warrior.’
Sensei: Sensei works by keeping every member of the team on the same page, filling the gaps in security knowledge without requiring tedious knowledge-based updates and referencing. It enables developers and AppSec to capture their knowledge in a best practice or code guidelines and automatically distribute that knowledge to the development team. Sensei provides an efficient solution to prevent vulnerabilities, empowering developers to write secure code from the very beginning. This puts an end to time-consuming and expensive fixes later in the software development lifecycle.
Sensei also offers defense against vulnerabilities that already exist within the code. Upon detecting an issue, Sensei highlights it while offering the developer a pre-defined fix. This allows developers to swiftly and consistently correct an issue across the company without referencing the in-depth research on how to remedy that particular problem.
Meet the Leader
Pieter Danhieux, CEO, Director, and Co-Founder:Pieter Danhieux is a globally recognized security expert, with over 12 years’ experience as a security consultant and 8 years as a Principal Instructor for SANS teaching offensive techniques on how to target and assess organizations, systems, and individuals for security weaknesses. In 2016, he was recognized as one of the Coolest Tech people in Australia (Business Insider), awarded Cyber Security Professional of the Year (AISA - Australian Information Security Association) and holds GSE, CISSP, GCIH, GCFA, GSEC, GPEN, GWAPT, and GCIA certifications.