Integrating Secure Code Warrior® with your organization's Learning Management System may help you streamline access to secure code learning resources and gamified challenges, as well as assign, track and report on Courses or Assessments.
Some Benefits of LMS Integration
Management overhead reduced
- Training is automatically pushed to developer profiles by your LMS
Automatic reminders sent to non-compliant users
- Your LMS can often send automatic reminders to users to complete any outstanding mandatory training
Annual training refresh built into your LMS
- You can often choose to have users automatically reminded to redo mandatory training on a regular basis
Please note that these features may vary from LMS to LMS so please consult your LMS vendor's documentation for the specific functionality available within your LMS.
Setup and Configure Single-Sign-On [Recommended]
Secure Code Warrior supports Single Sign On (SSO) to provision user accounts in real-time automatically. Please see Setup and Configure Single-Sign-On (SSO) for details.
Setup and Configure Assessments
Assessments are used to benchmark developer competency. An Assessment is configured for a language:framework and choice of vulnerabilities, difficulty level, and a minimum score to pass. Please see How to Create an Assessment for details.
Setup and Configure Courses
Courses help build a positive culture around application security as well as training in general, leading to more security-conscious developers in the world which is great for everyone.
Courses are used to create guided learning pathways that focus on the specific vulnerabilities that impact your organization. These learning pathways can be updated or changed as your development teams evolve and build their security awareness. Please see How to Create a Course for details.
Setup and Configure Secure Code Warrior API
Note: This step is only required if your LMS does not support the SCORM standard.
Note: Due to the many types and versions of LMS systems available today, we support different integration methods (CSV, REST API) and can provide advice that will help you build your LMS Connector.
If your LMS supports the SCORM standard, you can download a SCORM package for your Course or Assessment from the Secure Code Warrior Learning Platform and import this directly into your LMS. This is the simplest way to integrate Secure Code Warrior with your LMS.
Please see SCORM LMS Integration for details.
Custom LMS Integration Approach
If your LMS does not support the SCORM standard, you will need to create a custom integration leveraging our API.
Create Course in LMS
Create a 'Course' in your LMS as an alias to the Secure Code Warrior Learning Platform. The alias in your LMS Course Catalogue will be used to redirect and log in the user to the Secure Code Learning Platform via SSO.
Tip: We recommend creating a single 'Course' that includes multiple programming language:frameworks to establish a baseline of secure coding awareness. Further language:framework specific 'Courses' should be added to grow secure coding maturity across the teams in your organisation.
Assigning an Assessment or Course
Assessments and Courses can be assigned using the Secure Code Warrior API (v2). Please refer to the Secure Code Warrior API Center for details.
Tracking Progress and Reporting Results
The Secure Code Warrior API (v2) will also allow you to report on your developers' progress or score, and mark completion within your LMS. Please refer to the Secure Code Warrior API Center for details.
Alternatively, a Company Administrator can export a CSV of the Assessment and Course data from Secure Code Warrior metrics and reports available in the platform. The LMS can then be updated based upon a manual process or script. Please refer to this article for a list of reports available from the Secure Code Warrior Learning Platform, and please consult your LMS documentation to see the available methods for updating learner progress or completion within your specific LMS.