Our GitHub integration provides contextual training on secure coding techniques in a variety of programming languages and frameworks from directly within the issues you are working on. This GitHub app will automatically add comments to issues containing security vulnerability descriptions and links to relevant code exercises to help you and your team learn how these vulnerabilities work and how to prevent them.
Secure Code Warrior for GitHub will serve training content based on Common Weakness Enumeration (CWE) or Open Web Application Security Project (OWASP) references identified in the issue title, body or labels. This has been designed to work with several popular security tools that can be configured to push findings into GitHub issues with these references automatically. If no references are included, this app will also search for common vulnerability names and phrases in the issue title and body.
Contextual micro-learning helps minimise disruption of development workflow to make learning more efficient by giving you access to training relevant to the issues you are working on when you are working on them, saving you time and increasing effectiveness. Read more about it in this blog post or try it out here.