Close knowledge gaps on security topics in a fun and entertaining way: Cloudogu integrates contextual learning from Secure Code Warrior in SCM-Manager
Cloudogu GmbH has integrated a free plugin into its SCM-Manager (tool for SourceCode Management) that displays contextual training videos and exercises on security topics from Secure Code Warrior in pull requests. This allows developers and reviewers to find and fix insecure code, at the earliest stage of the development lifecycle.
BRAUNSCHWEIG, Germany, July 8, 2021 /PRNewswire-PRWeb/ -- When descriptions, inserted comments or tasks in pull requests contain a keyword related to a security topic, the new SCM-Manager plugin automatically adds relevant explanations, videos and fun challenges from Secure Code Warrior. By displaying the information in small learning units based on the situation, developers can quickly educate themselves individually in an engaging way. This helps development teams to ship high-quality and secure code with confidence.
Quickly fill knowledge gaps with micro-learning and gamification.
The extensive Secure Code Warrior database includes short descriptions, training videos, and gamified exercises for all major programming languages and frameworks, including frontend, web, mobile, infrastructure-as-code (IaC), backend, and APIs. SCM-Manager users can take advantage of these without an account with Secure Code Warrior. The more than 30 topics include learning content on about 150 security vulnerabilities such as access control (including authentication and authorization), data processing (including XSS and DoS), insecure development practices, protecting sensitive data, and incorrect configuration.
The keyword list also includes synonyms for each term, as well as different spellings, to provide developers with relevant content in as many cases as possible.
The Secure Code Warrior learning content easily assists developers and reviewers in creating secure code. Two example scenarios:
Pull Request as a learning example: an experienced developer has closed a security vulnerability and then creates a pull request with keywords related to the corresponding security topic. The plugin automatically adds the relevant content from Secure Code Warrior. In this way, the pull request can be used as a learning example for team members, who can expand their knowledge of security topics in an entertaining, quick and easy way.
Learning while performing a review: An experienced developer performs a review of a pull request and finds a potential security vulnerability. To have it closed before the merge, he adds a comment or task to the pull request. Matching the terms that occur, the developer receives all the necessary information from Secure Code Warrior and can make the necessary changes.
Users can download the plugin for free at the following link: https://my.cloudogu.com/scw-for-scm-manager.
# # #
About Cloudogu (http://www.cloudogu.com)
Cloudogu GmbH was founded in 2014 as a spin-off of TRIOLOGY GmbH. Cloudogu's goal is to map the entire product lifecycle of software development through a pre-configured toolset that helps to develop software even more efficiently through standardization and automation. The result is the open source development platform Cloudogu EcoSystem. The central component of the Cloudogu EcoSystem is the SCM Manager.
The Cloudogu EcoSystem is a pre-configured platform based on containers. Development teams can run the tools of their choice with minimal administration, making software development more efficient and flexible. Thanks to the combination of locally installed instances and a central backend, the Cloudogu EcoSystem combines all the advantages of cloud services with those of local operation.
About Secure Code Warrior
Secure Code Warrior makes secure coding a positive and engaging experience for developers. Our flagship Learning Platform delivers relevant skills-based pathways for developers to write secure code at speed; while intelligent and contextual developer tools fix common security bugs in real-time.
Through inspiring a global community of security-conscious developers to embrace a preventative secure coding approach, our mission is to pioneer a people-first solution to security upskilling, stamping out poor coding patterns for good. Established in 2015, our customers include major financial institutions, telcos, retail, governments and global technology companies across Europe, North America and Asia-Pacific. Learn more at http://www.securecodewarrior.com
Media Contact
Daniel Huchthausen, Cloudogu GmbH, +49 5316180888 Ext: 0, [email protected]
SOURCE Cloudogu GmbH
Share this article