SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

Secure Code Warrior launches industry-first SCW Trust Score for developer teams

Thu, 2nd May 2024

Secure Code Warrior has announced the introduction of its SCW Trust Score, the industry's first benchmark that gauges the security posture of organisations' developer teams. This pioneering metric provides a crucial baseline for assessing the impact and effectiveness of their learning programmes. The SCW Trust Score will also facilitate better collaboration and recalibration of skills training among security, developer, and engineering teams.

With the surge in demand for accelerated application development and the incorporation of AI technologies, the risk of vulnerabilities increases. Organisations are under immense pressure to cultivate and maintain a software team that is ready to tackle security challenges efficiently. This mounting pressure calls for a real-time quantifiable benchmark that can specify the bell curve of their organisations' security programmes and the security aptitudes of their developers.

Pieter Danhieux, co-founder and CEO of Secure Code Warrior, stated, "Modern chief information security officers (CISOs) need tangible insights into their developers' security skill levels to measure the effectiveness of their security program. To date, this has proved elusive." He added, "However, this changes today. The SCW Trust Score is the only data-driven skill score linked to favourable security outcomes, with some clients reporting a 53% reduction in vulnerabilities and 2x faster fixing of critical security bugs."

Secure Code Warrior's unveiling of the SCW Trust Score follows a watershed year when the company secured $50 million USD in a Series C funding round led by Paladin Capital Group. Their client base has grown to feature more than 600 global enterprises powering the international economy, including major players such as JPMorgan Chase, HSBC, Colgate-Palmolive, Netskope, and Workday.

Chirag Mehta, vice president and principal analyst at Constellation Research, emphasised the necessity of a tailored, evolving educational approach for developers in the current landscape of software supply chain security. He highlights that the emergence of AI copilots that produce significant code volumes alongside human developers has raised the importance of personalised developer education and a scalable training programme.

According to the company, SCW Trust Score, which is supported by over 20 million learning data points from more than 250,000 developers globally, is accessible to organisations today. The features offered include three specific industry benchmarks—Global, Banking and Financial Services, and Technology; grades across various security categories, particularly OWASP 1-10; and scores that improve with concept coverage and increased participation. The score, which ranges from 0 to 1000, decreases with inaccuracy or hint usage and also erodes over time.

The SCW Trust Score is set for further improvements, capabilities, and algorithm enhancements in the coming months. These new features will provide organisations and developer teams with even more ways to measure the effectiveness of their learning programmes.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X