Secure Code Warrior Missions: Interactive coding simulations of real-world applications

Secure Code Warrior has launched Missions—hands-on, interactive coding simulations of real-world applications that encourage developers to experience the real-time impact of poor code practices in a safe environment. Missions is the result of Secure Code Warrior’s acquisition of Iceland-based start-up Adversary in April 2020.

40 missions covering common security vulnerabilities are currently available, all of which are based on real-world scenarios like the cyber-attacks and security breaches Facebook, WhatsApp, GitHub and high-profile banks have faced.

Targeted at developers, engineering leads and software security professionals, Missions challenges coders to experience these complex issues in a safe environment. This empowers developers to explore different ways to solve each Mission and encourages coders to practice their skills and knowledge, fostering a step-by-step approach to learning.

Pieter Danhieux, Co-Founder and CEO of Secure Code Warrior, said, “Missions is like a flight simulator for coders. Just like a pilot who needs to continually train to keep flying, Missions offers practical applications of live code in a hyper-relevant environment designed to encourage coders to understand attacks, practice and perfect their secure coding skills and knowledge.”

“We’re levelling up our existing offerings in a logical fashion and creating a progressive, scaffolded approach to building skills. It helps developers move from merely recalling knowledge to systematically building upon their experiences and skillset in real-time, fostering valuable secure coding skills that are job-relevant and allowing coders to experience the impact of insecure code first hand, in a safe environment,” Danhieux concluded.

Secure Code Warrior Missions are included as part of Secure Code Warrior’s standard feature set, with seven language frameworks supported at launch, including Java:Spring, C#(.NET):MVC, C#(.NET):Web Forms, Python:Django, Java:Enterprise Edition (JSP), JavaScript:Node.JS and C#:Core.

A Principal Engineer at Optum who has trialled Missions over the past fortnight said, “Missions is a practical, hands-on exercise in identifying, locating and resolving potential security issues. Before this, learning to code securely was a trial and error process.

“Using real code and frameworks to demonstrate the consequences of insecure code shows engineers why they should work on secure code—all through a fun, interactive game interface.”

For developers interested in taking on the mindset of a security researcher, Secure Code Warrior has released a public mission simulating the Unicode vulnerability that impacted GitHub in 2019.