The Secure Code Warrior GitHub Action processes an industry-standard SARIF file and appends contextual learning based upon CWE references in a SARIF rule object, which is then displayed within GitHub code scanning alerts. This empowers your development and security teams to not only find vulnerabilities but enrich supported SAST tool reports with real-time knowledge that helps developers prevent vulnerabilities from reoccurring.

Contextual micro-learning helps minimise disruption of development workflow to make learning more efficient by giving you access to training relevant to the issues you are working on when you are working on them, saving you time and increasing effectiveness. Read more about it in this blog post or try it out here.