Due to the amount of experience the marketing automation company’s leaders have in development, they know what it takes to run a successful, secure coding program. They applied learning science principles to create their developers’ training schedules for 2021 and move into 2022, understanding the importance of repetition in building long-term memory. They wanted their developers not just to know the ‘how’ in secure code, but the ‘why’ was equally important.
“Early on in the training program, developers questioned why they needed to learn offensive techniques, which opened up the conversation amongst their peers and with our security team. I was happy to explain the importance of understanding how hackers exploit code and how it improves skills in finding and fixing vulnerabilities”
Another page in their best-practice playbook was time. The Director of Information Security was mindful of the hour per month his team had available to dedicate to secure coding training which meant bite-sized yet robust lessons were imperative. Because Security Journey lessons only take between 20-30 minutes to complete, his team could get through at least two, if not three, in that hour timeframe.
Every month is a different theme with two to three lessons, again being respectful of their developers’ limited spare time. However, during their first year using our platform, the developers were so engrossed they worked ahead of schedule. Many completed the lessons far before the due date.
Next, the company will be covering many of the same topics to reinforce the training already completed and will add newly released lessons as well.