Does a secure coding training platform really work? (Security News, August 2023)

As security vulnerabilities are reported to you time and again, you may ask yourself: "Why don't these developers learn the lesson?" The next thing you may think is: "We should train developers, so they stop making these mistakes."
Have secure code training platforms changed anything? Did they push those "naughty" developers to be proactive about the security of their software? Did I end up reporting fewer recurrent vulnerabilities? Unfortunately, the answer to all those questions is "No".
The language security practitioners use - bizarre terminology and irregular titling of security vulnerabilities - is not good at communicating the nature of security issues to developers.
A vulnerability - a term usually used by the security industry - does not immediately tell the developer what the problem is.
Developers can use the same tools that they use in their daily work to fully explore the security vulnerability.
The security vulnerability is translated into a fully functional application, along with security specification tests, that clearly defines the security problem in the developers' language, so they know how to go about debugging it.