Developers and everyone working within the software development lifecycle are under pressure to deliver 100x the code volume than they were ten years ago. And while they're expected to create scalable, secure, and successful applications, they often don't have the education for all three.
According to Stack Overflow, only 55% of survey respondents between 25-34 have learned how to code at traditional schools. Others learn from certifications, online resources, and boot camps. For those that did attend traditional schools, Forrester reports that 0 of the 50 top computer science programs require a course in code or application security. That leaves us with a dilemma – how do you build skills to help your developers build secure software?
Read The Article: Feeling Exhausted? The AppSec Dilemma Could Be to Blame
At Security Journey, we believe your developers need to be more than just aware of vulnerabilities; they need hands-on training in breaking and fixing code to build the skills they need to develop secure software efficiently.
The Diligent Developer Security Awareness and Education Program is designed to raise awareness about application security and build skills across your development team to educate them to build secure software.
Read The Article: Beyond Security Awareness: Safer Apps through Education
How to Use The Diligent Developer Chronicles Security Awareness Program
The Diligent Developer Security Awareness and Education Program is designed to meet your unique needs. Whether your organization has invested in an application security training program or you are tasked with developing content in-house, we have program materials for you.
There are two tiers of The Diligent Developer Program, and both are free:
Tier One includes The Diligent Developer Chronicles: OWASP Top 10 PDF that breaks down each vulnerability and the proper precautions your development team should be aware of and is a fun resource and conversation starter to raise awareness of the OWASP Top 10 across your organization. This PDF can be accessed without filling out any forms or providing any information.
Tier Two is the full Diligent Developer Chronicles Security Awareness and Education Program for use in your organization:
- The Diligent Developer Chronicles: OWASP Top 10 - A resource to get conversations going and raise awareness of the OWASP Top 10 across your organization and for teams to keep as a reference.
- Access to (3) OWASP Top 10 Video Lessons - 15-minute podcast-style video lessons to engage both developers and non-developers to build a foundational understanding of the top application vulnerabilities today.
- OWASP Top 10: Part 1
- OWASP Top 10: Part 2
- OWASP Top 10: Part 3
- Access to (3) Break/Fix Lessons - 15-minute hands-on training on OWASP Top 10 vulnerabilities to build secure coding skills in your development team.
- Server-Side Request Forgery
- Security Logging and Monitoring
- SQL Injection
- Diligent Developer Assets - If you'd like to theme your program around the Diligent Developer, we have provided Zoom Backgrounds, Sticker Designs, Digital Badges, Emojis, and artwork to support your efforts.
- Program Guide - To asset with scheduling, communication, and program roll-out.
The program contains a suggested schedule and communication ideas for a month-long program focused on a fun way to not only enhance security awareness but to build skills across your development team to empower them to think securely. This could be added to National Cybersecurity Awareness Month initiatives for the entire development team or be used to grow a security champions program.
The Diligent Developer Story
In the realm of Secure Development, great emphasis was placed on constructing applications with a strong foundation of security. From the earliest stages of their training, every aspiring developer learns the importance of diligence and careful consideration in their coding practices. They were instilled with an awareness of the prevalent vulnerabilities that could potentially impact their code. As they honed their skills, they gained the ability to create elegant code by studying and addressing these vulnerabilities. This process enabled them to build applications efficiently and securely.
However, not all regions shared this enlightened approach. In many places, developers were taught to write code with minimal regard for the possibility of vulnerabilities, lacking any training in identifying or remedying these weaknesses. Consequently, a shadow fell upon these lands, threatening their security.
And so, with a sense of purpose, the Diligent Developers set out on their mission, determined to safeguard their realm and extend a helping hand to their neighboring lands.
Are Your Diligent Developers Ready to Start Their Journey?
By implementing The Diligent Developer Security Awareness and Education Program, you are taking a proactive step toward strengthening your organization's security posture.
Remember to adapt and evolve the program over time to address emerging threats and changing development practices. Continuous education and awareness will empower your developers to build secure applications, protecting your organization and its users from potential security risks.