DEVOPSdigest

Security Journey announced an acceleration of its secure coding training platform enhancements.

Since combining HackEDU and Security Journey training offerings into one Platform, the company has added or refreshed almost 200 lessons and 25 languages, frameworks, and technologies; giving customers even more new training content to improve secure coding knowledge gain of up to 85%.

New and updated learning content is especially needed at a time when record-high numbers of software security flaws are being reported. CVEs (Common Vulnerabilities and Exposures) increased by 59% last year, but none of the top 50 U.S. undergraduate computer science programs mandate courses in application security. With calls for ‘secure by design’ coming from the very top of the Cybersecurity and Infrastructure Security Agency (CISA), establishing and continuously boosting secure coding knowledge gain amongst software development professionals is essential.

"At a time when vulnerabilities are at an all-time high, implementing engaging and effective secure coding training is critical,” said Joe Ferrara, CEO at Security Journey. “We’re excited to now offer more than 800 lessons with these latest enhancements. Our training builds a security-first mindset across organizations and supports regulatory guidance from PCI (Payment Card Industry) Security Standards Council, CISA, the FDA (Food and Drug Administration), and many more organizations that understand the knowledge gaps in secure software development.”

To complement the new training content, the company has also launched robust tournament features that drive developer and non-developer learner engagement. All members of the SDLC can participate in AppSec tournaments to assess, apply, and demonstrate their knowledge of fundamental concepts.

Crucially, tournament administrators can filter and select from the entire training catalog to ensure that learning is role-based and tailored to the appropriate level and people.

The easy-to-use interface empowers admins to start a tournament in a matter of minutes with:

- Lessons and assignments that can be auto-generated or selected manually

- Customizable pre-written tournament notifications enabling admins to communicate easily with participants

- Duration estimates indicating how quickly the tournament could be completed

- Enhanced scoring including attempts, hints, success, and coding accuracy all driving points achieved

Here is a summary of some of the key new training content and enhancements.

- Additional Pre-built and Customizable Learning Paths – including multiple training formats to drive engagement.

- Lessons on Cryptography, Digital Signatures, and Google Cloud Platform

- Additional Languages and Technologies - C++, Rust, Go, C, Scala, Kotlin, Azure, Scala, Infrastructure as Code, and Embedded Software Systems, and more.

- Enhanced reporting shows percentage knowledge increase across learners, levels, and lessons to help administrators understand training effectiveness including time spent on lessons.