MA-SECURE-CODE-WARRIOR
New research from Secure Code Warrior ® , the global secure coding company, has revealed an attitudinal shift in the software development industry, with organisations bucking traditional practices for DevOps and Secure DevOps.
The global survey of professional developers and their managers found seven in 10 organisations (70%) recognise the importance of secure coding practices, with results indicating an industry-wide shift from reaction to prevention is underway.
Dr. Matias Madou, Chief Technology Officer and Co-Founder at Secure Code Warrior, said, “We are seeing a fundamental shift in mindsets across the world, as the industry slowly moves from reactive, band-aid solutions rolled out after a breach, to the proactive and human-led practice of writing quality software that is intrinsically free from vulnerabilities right from the very first keystroke. ”
“This research shows that ‘secure code’ is becoming synonymous with ‘quality code’ within software development, and security is becoming the responsibility of development teams and leaders—not just AppSec professionals, ” he said.
Secure coding seen as ‘reactive’
Reactive practices like using tools on deployed applications and manually reviewing code for vulnerabilities were the top two practices respondents associated with coding securely. However, a proactive shift in mindset was evidenced across the globe, with more than half (55%) of the developers surveyed also recognising secure coding as the active, ongoing practice of writing software protected from vulnerabilities.
Managers and developers are misaligned
Over half (55%) of managers surveyed said secure coding was practised and integrated throughout the entire development process, compared to only 43% of developers. Conversely, 36% of developers consider secure coding during development but not the design phase, as opposed to under one-third (32%) of managers.
Secure code an increasing indicator of success
While those surveyed identified ‘application performance’ and ‘functionality and features’ as the most common success metrics within software development (67% and 62% respectively), almost four in five (79%) respondents said the importance of ‘secure code’ was growing in prominence.
Application security is shifting
Almost half of respondents (46%) said development leads and teams should be responsible for application security rather than AppSec teams (24%). Over eight in 10 (81%) developers surveyed said they were accountable for any vulnerable code produced.
Developers motivated to upskill
‘Increased productivity and efficiency’, ‘curiosity’ and ‘avoiding problems caused by insecure code’ were identified as the leading intrinsic motivators to learn secure coding (20%, 14% and 11% respectively). Despite only 10% of respondents listing career advancement as a personal motivator, four in five (81%) managers were more likely to hire talent with secure coding skills.
More training is needed
91% of managers surveyed said they faced greater than average difficulty when implementing secure coding practices within their organisation, despite the overwhelming majority of respondents (97%) believing they were sufficiently trained. Perhaps, this is because almost nine in 10 (88%) developers surveyed said coding securely was challenging.
Madou added, “With OWASP’s Top 10 software vulnerabilities causing more security breaches over the past two decades than any others, now is the time for businesses to upskill developers to gain the knowledge and skills needed to stamp out insecure code and prevent issues from occurring in the first place. ”
“Code is at the heart of everyday interactions, and Secure Code Warrior is focused on championing security-skilled developers who can create amazing, safe software for our connected world .”
To gain early access to the report, ‘Shifting from reaction to prevention: The changing face of application security 2021’, register your interest at scw.buzz/earlyaccess
Methodology
Secure Code Warrior® commissioned Evans Data Corporation, the market intelligence leader within the IT industry, to conduct a global survey of developers and decision-makers actively engaged in software development. In August 2020, 400 respondents were surveyed across North America, India, the United Kingdom, Europe, Australia, New Zealand and South-East Asia.
About Secure Code Warrior
Secure Code Warrior is the developer-chosen solution for growing powerful secure coding skills. By making secure coding a positive and engaging experience for developers as they increase their software security skills, our human-led approach uncovers the secure developer inside every coder, helping development teams ship quality code faster.
Through inspiring a global community of security-conscious developers to embrace a preventative secure coding approach, our mission is to pioneer a people-first solution to security upskilling, stamping out poor coding patterns for good. Learn more at securecodewarrior.com .
View source version on businesswire.com: https://www.businesswire.com/news/home/20210323006113/en/
Link:
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Andersen Consulting tilføjer samarbejdspartneren Cloud2321.11.2025 18:45:00 CET | Pressemeddelelse
Andersen Consulting indgår en samarbejdsaftale med Cloud23, en næstegenerations konsulentvirksomhed, der integrerer data og kunstig intelligens med henblik på at drive digital transformation. Cloud23 er baseret i Sydafrika og leverer intelligente, platformsbaserede løsninger til kunder inden for sektorer som finans, telekommunikation, sundhedsvæsen og produktion. Virksomhedens ydelser spænder over Salesforce-rådgivning og -implementering, managed services og ai-strategi, hvilket giver organisationer mulighed for at modernisere kundeengagement, optimere driften og skabe målbare resultater. “Vores mål hos Cloud23 har altid været at forenkle transformation gennem smart, skalerbart design,” udtaler Ram Ramakrishnan, stifter og administrerende direktør for Cloud23. “Vi fokuserer på at afstemme teknologi med formål og levere resultater, der understøtter langsigtet vækst, kundeværdi og innovation. Samarbejdet med Andersen Consulting giver os mulighed for at styrke vores mission og opnå en stø
AI Takes Out the Trash: Largest U.S. Recycling Project to Extend Landfill Life for Virginia Residents21.11.2025 13:30:00 CET | Press release
Southeastern Public Service Authority of Virginia contracts with AMP to cost-effectively process municipal solid waste, boost recycling and landfill diversion rates The Southeastern Public Service Authority of Virginia (“SPSA”), the regional waste authority for South Hampton Roads, has signed a 20-year contract with Commonwealth Sortation LLC, an affiliate of AMP Robotics Corporation (together, “AMP”), to provide solid waste processing services for SPSA’s eight member communities and their 1.2 million residents. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251120330758/en/ Building on a nearly two-year pilot project in Portsmouth—which featured an AMP ONE™ system capable of processing up to 150 tons of locally sourced municipal solid waste (“MSW”) per day—AMP will now scale its technology region-wide. Under this long-term partnership, which will facilitate the largest recycling project in the country, AMP will deploy addit
RSA Recognized for the Second Consecutive Year in the 2025 Gartner® Magic Quadrant™ for Access Management21.11.2025 13:00:00 CET | Press release
RSA, the security-first identity leader, today announced that RSA® ID Plus has been recognized for the second year in a row in the Gartner® Magic Quadrant™ for Access Management. “The RSA Access Management strategy has never been about being everything to everyone,” said Greg Nelson, RSA CEO. “We specialize in protecting organizations where risk tolerance is at its lowest and security requirements are at their highest. Our focus is intentional: providing security-first access management that supports compliance, ensures resilience, and delivers confidence at scale.” “RSA specializes in the workforce access management use cases where security, compliance, and operational resilience are non-negotiables,” said Jim Taylor, RSA President, Chief Product and Strategy Officer. “Our product development strategy will continue to emphasize the key qualities that highly regulated industries prioritize, including user experience, strong support for workforce management, and intelligent posture mana
NIQ and Amazon Marketing Cloud (AMC) Collaborate to Measure Reach and Impact of Cross-Platform Ad Campaigns in Italy21.11.2025 09:00:00 CET | Press release
NIQ and Amazon Marketing Cloud (AMC) have announced a new collaboration to study the effectiveness of cross-platform advertising across linear TV and Amazon Ads inventory in Italy. Through the collaboration advertisers and agencies will gain actionable insights into the relative performance of ad placements across digital, linear TV and streaming environments, including how each contributes to incremental reach and influences product purchases on Amazon’s ecommerce platforms. The insights are made possible by using high-quality data from Sinottica®—a well-established single-source consumer panel in Italy owned by NIQ—with data from Amazon Marketing Cloud. Specifically, the research will leverage Sinottica’s linear TV data alongside several Amazon inventory sources, including Amazon DSP, Sponsored Ads (Products, Brands, Display), and Streaming TV (Prime Video, Twitch, Fire TV). This approach will enable a deeper understanding of how ad exposure across digital and TV channels translates
Ahead of Holiday Season, Visa Identifies Five Transformative Forces Reshaping Global Payment Security20.11.2025 19:50:00 CET | Press release
New Biannual Threats Report Reveals Fundamental Shift in Fraud Operations as Criminals Adopt Industrial-Scale Tactics To celebrate International Fraud Awareness Week, Visa (NYSE: V) today released its Fall 2025 Biannual Threats Report, revealing five forces that are transforming the global payments security landscape. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251120412198/en/ The report, produced by Visa's Payment Ecosystem Risk and Control (PERC) team, draws on intelligence from Visa's global network to identify how criminal operations are evolving with unprecedented speed, scale, and sophistication. "The payments ecosystem is experiencing a paradigm shift in how fraud operates," said Paul Fabara, Chief Risk and Client Services Officer at Visa. "Criminals are no longer working as opportunistic individuals-- they're operating like tech startups, building reusable infrastructure and deploying systematic, industrial-scale
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom