Partnership unites security and development teams to enable fast find, fast fix of vulnerabilities
Bugcrowd and Secure Code Warrior have announced they are partnering to provide a more robust framework for bridging the gap between security and development teams. Bugcrowd and Secure Code Warrior will provide contextual training and remediation advice to customers’ software and security teams based on validated vulnerabilities found through Bugcrowd. This will result in faster fixing, improved development lifecycles, and promote more secure code writing.
An increasing number of breaches have necessitated a fundamental shift in approach, and the historical divide between security and engineering is slowly disappearing. Today, addressing security early in the software development life cycle is essential to preventing data breaches. A recent study found that 62 percent of respondents have a formal or informal DevSecOps team — up just 13 percent the year prior. The partnership between Secure Code Warrior and Bugcrowd is enabling this “shift-left” thinking.
Through this collaboration, developers can access the Secure Code Warrior training modules most relevant to the unique set of vulnerabilities Bugcrowd identifies during the security testing process. This promotes rapid return on investment for organizations by helping them to:
- Reduce overhead in the identification and remediation of vulnerabilities
- Connect, quantify, and systematically reduce risk for trending vulnerabilities
- Accelerate go-to-market for more secure products and services.
“Bugcrowd is focused on improving the security of our digitally-connected world — this means going beyond vulnerability identification to educate the next generation of cyber defenders, which includes helping builders write more secure code,” said Casey Ellis, founder and CTO at Bugcrowd. “By embedding information from training tools platform into the Bugcrowd platform, we can prevent entire vulnerability categories from reappearing and help facilitate the necessary collaboration between security and development teams. We are proud to partner with Secure Code Warrior to empower customers to find and fix faster, as well as build better from the start. ”
“Our mission at Secure Code Warrior is to help developers create secure software from the start — it’s not about just shifting left, but starting left,” said Pieter Danhieux, chairman and CEO at Secure Code Warrior. “Many developers want to write secure code but often are not aware of the insecure coding patterns, and many companies don’t provide such role-specific training so we’re seeing the same coding mistakes being made. Our partnership with Bugcrowd is a natural progression for us to address this. By building real-world scenarios into our platform, developers will become more security aware, receiving better secure coding training which will ultimately help them on their journey to build more secure software from the beginning.”
About Bugcrowd
Bugcrowd is the #1 crowdsourced security company. More Fortune 500 organizations trust
Bugcrowd to manage their bug bounty, vulnerability disclosure, and next gen pen test programs.
Bugcrowd’s award-winning platform combines actionable, contextual intelligence with the skill
and experience of the world’s most elite hackers to help leading organizations solve security
challenges, protect customers, and make the digitally connected world a safer place. Based in
San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry
Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak
Partners. Learn more at www.bugcrowd.com.
About Secure Code Warrior
Secure Code Warrior is a global security company that makes software development better and
more secure. Our vision is to empower developers to be the first line of defense in their
organization by making security highly visible and providing them with the skills and tools to
write secure code from the beginning.
We have built a powerful platform that moves the focus from reaction to prevention, training and
equipping developers to think and act with a security mindset as they build and verify their skills,
gain real-time advice and monitor skill development. Our customers include major financial
institutions, telecommunications providers and global technology companies across Europe,
North America and the Asia Pacific. Learn more at www.securecodewarrior.com.