Menu

    Leveling Up Your Security Maturity

    Avatar
    Secure Code Warrior Elves
    • Updated
    Follow



    If you want to level up your security maturity, there’s always something you can do. In training mode, you can view statistics about your skills in the My Statistics     page to see how far you’ve come since the early days. 

    mceclip0.png

    We find that the way forward mostly comes down to two components: technology and experience. 

    Before we examine those components further, take a look at how Secure Code Warrior® considers security maturity. 

    Depending on specific criteria, you’ll be scaled into one of the following maturity levels:

    Security_Maturity_Levels.png

    Security Maturity criteria covers:

    • Points
    • Accuracy
    • Confidence

    For more information on how the criteria is calculated please refer to the Guide to Management Metrics and Statistics or Guide to Developer Metrics and Statistics 

    Beginner

    Security Aware

    Security Skilled

    Security Champion

    No requirements

    Points: 4000

    Points: 8000

    Points: 12000
     

    Accuracy: 20%

    Accuracy: 60%

    Accuracy: 90%
     

    Challenges: 20

    Challenges: 40

    Challenges: 60

     

    Tip: If you have already completed the quests for one of the languages and want to level up further there are 2 ways to do this.
    • Play challenges in different programming languages/frameworks. (Recommended)
    • Replay the quests you have already completed because there is a chance that you will be served a new challenge that you haven't played before which would increase your points, accuracy, and challenges played. Please keep in mind that playing a challenge that you have already played before will update your security maturity metrics only if more than 30 days have passed.
    • Accuracy is based on attempts, therefore replaying challenges after 30 days will not replace the previously achieved results but include both new and old attempts for the same challenge.

     

    Specific Programming Language and Frameworks

    In many organizations, there are several types of developers from front-end to back-end, mobile, and main-frame. This can pose a bit of a challenge when it comes to training. 

    Slides and videos are good for grasping the initial understanding of concepts, but to really build secure coding muscle memory, one must train on the technology that’s used every day to get the full benefit.

    On the Secure Code Warrior learning platform, we have worked hard on delivering just that - hands-on, code-level challenges in multiple languages and corresponding frameworks.

    Within the platform, you can dip in and out of challenges in multiple languages and frameworks, including, but not limited to;

    • Java (EE & Spring)
    • .NET (MVC & WebForms)
    • Javascript (Node, React & Angular.io)
    • Python (Django)
    • Ruby (Rails)
    • Scala (Play) 
    • IOS Objective - C
    • Android

    Click here for the latest language and frameworks available on Secure Code Warrior 

    This style of training helps build core skills around awareness and problem solving, much more so than any old slide deck or video. It encourages building new skills in different languages outside of the ones you use regularly. 

    Challenge yourself using the right tools and you’ll be rewarded with awesome, desirable security skills


    Hands-on Experience

    From interns and graduates to new hires and seasoned developers, variations in secure coding skills are always going to come up. Some developers will have had previous exposure to secure code training, but for some, the Secure Code Warrior platform might be their first undertaking of this kind of training. 

    Secure Code Warrior Training Module provides access to three levels of training that cater to different experience levels.

    • OWASP Top 10
    • Training Ground
    • Defending Your Code

    OWASP Top 10

    • Missions that focus on the OWASP Application Security Risks

    Training Ground

    • Missions that focus on one specific application security vulnerability at a time. This makes it easier to understand for developers without a background in security

    Defending Your Code

    • These missions are realistic simulations with real-world applications and complex code to test your secure coding prowess

     

    Using Secure Code Warrior helps you gain experience across a wide range of scenarios that extends beyond the training environment. As we’ve learned from so many excellent video games, experience makes you stronger, helps you learn, and makes you stand out from the crowd. 

    Combining the right tech with experience and know-how will level up your security maturity in no time. 

     

    Related articles

    Comments

    0 comments

    Please sign in to leave a comment.