If you want to level up your security maturity, there’s always something you can do. In training mode, you can view statistics about your skills in the My Statistics page to see how far you’ve come since the early days.
We find that the way forward mostly comes down to two components: technology and experience.
Before we examine those components further, take a look at how Secure Code Warrior® considers security maturity.
Depending on specific criteria, you’ll be scaled into one of the following maturity levels:
Security Maturity criteria covers:
- Points
- Time
- Accuracy
- Confidence
For more information on how the criteria is calculated please refer to the Guide to Management Metrics and Statistics or Guide to Developer Metrics and Statistics
Beginner |
Security Aware |
Security Skilled |
Security Champion |
No requirements |
Points: 500 |
Points: 3000 |
Points: 5000 |
Accuracy: 10% |
Accuracy: 60% |
Accuracy: 90% |
|
Challenges: 10 |
Challenges: 15 |
Challenges: 20 |
|
Hours Played: 4 |
Hours Played: 12 |
Hours Played: 12+ |
Specific Programming Language and Frameworks
In many organizations, there are several types of developers from front-end to back-end, mobile, and main-frame. This can pose a bit of a challenge when it comes to training.
Slides and videos are good for grasping the initial understanding of concepts, but to really build secure coding muscle memory, one must train on the technology that’s used every day to get the full benefit.
On the Secure Code Warrior learning platform, we have worked hard on delivering just that - hands-on, code-level challenges in multiple languages and corresponding frameworks.
Within the platform, you can dip in and out of challenges in multiple languages and frameworks, including, but not limited to;
- Java (EE & Spring)
- .NET (MVC & WebForms)
- Javascript (Node, React & Angular.io)
- Python (Django)
- Ruby (Rails)
- Scala (Play)
- IOS Objective - C
- Android
Click here for the latest language and frameworks available on Secure Code Warrior
This style of training helps build core skills around awareness and problem solving, much more so than any old slide deck or video. It encourages building new skills in different languages outside of the ones you use regularly.
Challenge yourself using the right tools and you’ll be rewarded with awesome, desirable security skills
Hands-on Experience
From interns and graduates to new hires and seasoned developers, variations in secure coding skills are always going to come up. Some developers will have had previous exposure to secure code training, but for some, the Secure Code Warrior platform might be their first undertaking of this kind of training.
Secure Code Warrior Training Module provides access to three levels of training that cater to different experience levels.
- OWASP Top 10
- Training Ground
- Defending Your Code
OWASP Top 10
- Missions which focus on the OWASP Application Security Risks
Training Ground
- Missions that focus on one specific application security vulnerability at a time. This makes it easier to understand for developers without a background in security
Defending Your Code
- These missions are realistic simulations with real-world applications and complex code to test your secure coding prowess
Using Secure Code Warrior helps you gain experience across a wide range of scenarios that extends beyond the training environment. As we’ve learned from so many excellent video games, experience makes you stronger, helps you learn, and makes you stand out from the crowd.
Combining the right tech with experience and know-how will level up your security maturity in no time.
Note: When you complete all challenges for a certain language, replaying the same challenge won't affect your score if it was last played less than 30 days ago. To improve your score/security maturity you can play challenges in different languages or wait 30 days and play the same challenges again.
Comments
0 comments
Please sign in to leave a comment.