If you’re in need of a great excuse to strengthen – or start – an application security awareness program for your developers, this month is it. October, as you may already know, is National Cyber Security Awareness Month (NCSAM), and hundreds of security-focused organizations, including us, have come together in support of a more secure future for all.
Checkmarx is excited to have partnered up with the National Cyber Security Alliance (NCSA) and the Department of Homeland Security in promoting security awareness, and this year our aim is to raise awareness for application developers. As part of our participation in this year’s Cyber Security Awareness initiative, we’ve launched a site, SecureDevKit.com, dedicated – in October and throughout the year – to teaching developers how to write better, more secure code.
Many of us will use one application to wake us up each morning; Find the quickest route to work with another application; Access our email, social media accounts, and get our news from lots of different apps, both on the desktop and on our phones. We put a lot of trust into the software we use on a day to day basis. Yet many of the applications we use – and create – aren’t secure.
Developers, though we can never forget the amazing work they do – still struggle to write code free of potentially harmful vulnerabilities. It’s time to stop pointing fingers after breaches and attacks, and start working more on preventing these occurrences. And one of the most efficient ways of doing that is by teaching your developers essential techniques and specific tips on how to secure your code as it’s being written.
And October, with all the amazing resources provided by various organizations on the Stay Safe Online site, is a great month to really put some time into your application security awareness program. In the spirit of National Cyber Security Awareness Month, we’ve launched SecureDevKit.com and filled it with resources, information, and even our Game of Hacks challenge. We invite all security managers and CISOs to use and share with the development teams you work with.
Game of Hacks Challenge
One of the best ways we’ve learned to help get developers more engaged in security is by teaching them secure coding in fun ways. And it’s in that spirit that we’ve launched our Game of Hacks Challenge, an extension of our popular Game of Hacks. Enjoy a little healthy competition and team building with your developers and security staff together.
Secure Development Kit
At the beginning of October, we sent hundreds of Secure Development Kits to R&D teams around the world. The feedback we’ve already received has been overwhelming, and we’re excited to share the kit with R&D team leaders (it’s free!).
The kit includes security tips, instructions on running a Game of Hacks Challenge in your own organization and giveaways for the top players. On the site, you can order one for your own team on the site. Be sure to let us know how your program goes!
Tip of the Day
Along with the kit and challenge, we’ll also be sharing daily tips for developers on our Twitter, Facebook, and LinkedIn pages and by following the hashtag #SecureDevAware. We have weekly themes, including tips for mobile security, agile developers, and developer education and awareness.
You can easily share them with coworkers and friends from our social media pages, as well as download them from SecureDevKit.com. Be sure to send us back your own #SecureDevAware tweets:
Help us raise the bar for developers in how they learn and understand what secure code looks like, and let’s create a discussion around how to write better, more secure code in our applications.
Visit SecureDevKit.com today to get started – and don’t forget to tweet your secure developer tips with the hashtag #SecureDevAware throughout the month of October and beyond.
Happy National Cyber Security Awareness Month!
Sign up today & never miss an update from the Checkmarx blog
Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.
Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.