Why don’t developers have a ‘spellchecker’ for security?

Built-in security education

Checkmarx is one of several vendors looking to address that very issue.
“We take source code, and do the analysis on 10 or 100 lines of code, allowing the developers to see the vulnerabilities at a very early stage,” said Amit Ashbel, director of product marketing at Checkmarx. “And then we take them to a brief, five to 10 minute session on how to fix the code. We show them how to hack the code, and they can try it in real time. Then they understand what that vulnerability could have exposed their code to.”

As a result, the learning is delivered exactly when the developers need it most, he said. “They don’t have to move away from their desk, they don’t have to spend too much time sitting in a room and listening to lectures,” he said. “I think this is the way to do secure coding education.”
