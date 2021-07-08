BRAUNSCHWEIG, Germany, July 8, 2021 /PRNewswire-PRWeb/ -- When descriptions, inserted comments or tasks in pull requests contain a keyword related to a security topic, the new SCM-Manager plugin automatically adds relevant explanations, videos and fun challenges from Secure Code Warrior. By displaying the information in small learning units based on the situation, developers can quickly educate themselves individually in an engaging way. This helps development teams to ship high-quality and secure code with confidence.
Quickly fill knowledge gaps with micro-learning and gamification.
The extensive Secure Code Warrior database includes short descriptions, training videos, and gamified exercises for all major programming languages and frameworks, including frontend, web, mobile, infrastructure-as-code (IaC), backend, and APIs. SCM-Manager users can take advantage of these without an account with Secure Code Warrior. The more than 30 topics include learning content on about 150 security vulnerabilities such as access control (including authentication and authorization), data processing (including XSS and DoS), insecure development practices, protecting sensitive data, and incorrect configuration.
The keyword list also includes synonyms for each term, as well as different spellings, to provide developers with relevant content in as many cases as possible.
The Secure Code Warrior learning content easily assists developers and reviewers in creating secure code. Two example scenarios:
Pull Request as a learning example: an experienced developer has closed a security vulnerability and then creates a pull request with keywords related to the corresponding security topic. The plugin automatically adds the relevant content from Secure Code Warrior. In this way, the pull request can be used as a learning example for team members, who can expand their knowledge of security topics in an entertaining, quick and easy way.
Learning while performing a review: An experienced developer performs a review of a pull request and finds a potential security vulnerability. To have it closed before the merge, he adds a comment or task to the pull request. Matching the terms that occur, the developer receives all the necessary information from Secure Code Warrior and can make the necessary changes.
Users can download the plugin for free at the following link: https://my.cloudogu.com/scw-for-scm-manager.
