Lack of developer secure coding skills and awareness is continuously named as one of the most significant challenges organizations face across all verticals. As reiterated in the SANS 2016 “State of Application Security” survey, developer education is seen as the most effective tool to enhance the application’s security state. However, that same survey shows that implementing effective and continuous education is still the top challenge for these same organizations.
Checkmarx AppSec Coach, integrated within CxSAST, is a fun and engaging approach to get developers the knowledge they need at the time and place they need it most. By providing in-context, interactive, bite-sized educational modules, AppSec Coach ensures developers are trained exactly on what they need, when they need it, without pulling them out of their daily work routine.
“Skills shortages will continue to be a problem as new technologies emerge,” says Johannes Ullrich, Ph.D, Dean of Research for the SANS Technology Institute. “Skills shortages have, historically, been a problem for almost all InfoSec disciplines. Organizations will need to continue to leverage training and education to develop their skill sets.”
“It’s no secret that the ability to deliver secure applications eventually depends on the developer’s ability to avoid the pitfalls a hacker would exploit,” says Nir Livni, VP of Products at Checkmarx. “Introducing AppSec Coach serves that exact purpose. AppSec Coach allows organizations to further shift left their remediation activities, and moreover, to write secure code to begin with. This will not only reduce development and remediation costs, but also reduce the overall time to market.”
Additional Resources
About Checkmarx
Checkmarx is an Application Security Software company, whose mission is to provide enterprise organizations with application security testing products and services that empower developers to deliver secure applications. Amongst the company’s 1,000 customers are five of the world’s top ten software vendors and many Fortune 500 and government organizations, including SAP, Samsung and Salesforce.com. For more information about Checkmarx, visit https://www.checkmarx.com or follow us on twitter: @Checkmarx