SCW Trust Agent measures developers’ security competencies for code commits
Secure Code Warrior introduced SCW Trust Agent – a solution that assesses the specific security competencies of developers for every code commit.
This innovative offering enables CISOs and application security (AppSec) teams to embrace a Secure-by-Design approach with deeper visibility into their organizations’ software development security posture.
The launch of SCW Trust Agent follows the company’s rollout of SCW Trust Score, the first industry benchmark that quantifies the security posture of organizations’ developer teams. Both innovations apply over 20 million learning data points collected from 250,000 developers around the world. These deliver quantitative mechanisms that, when paired with Secure Code Warrior’s agile learning platform, become an integral part of an organization’s secure software development lifecycle.
“At Secure Code Warrior, we are unlocking new value for CISOs by giving them an easy-to-deploy solution to measure the health of code commits and visibility into the hundreds of source code repositories in their organization,” said Pieter Danhieux, CEO, Secure Code Warrior. “Our innovations are putting organizations in a better position to bridge the visibility gap between a developer’s skill sets and quality of code produced without sacrificing development velocity.”
SCW Trust Agent works seamlessly with any Git-based code repository including GitHub, GitLab, Atlassian Bitbucket and more. With every commit, it looks to see if the developer making it has the prescribed secure code skillset in the commit’s programming language. It uses this information to give a rating on the health of that commit and aggregates these ratings across all of your repositories.
SCW Trust Agent delivers greater control and flexibility for developer gatekeeping. It allows administrators to set up policies and criteria, ensuring developers meet a baseline set of standards and expectations before developing code. For any gaps in developer skills, they can reference the SCW agile learning platform to upskill their language specific knowledge and competencies.
Overall SCW Trust Agent delivers:
- Improved security controls: Customize policy configuration based on the sensitivity of project requirements
- Comprehensive visibility: Actionable insights into the security posture of every commit across all of your code repositories
- Developer-led security at scale: Deliver projects securely at speed – allowing application security teams to focus on the most sensitive security reviews