Image Credits: hh5800 / Getty Images
In 2015, Pieter Danhieux and Matias Madou, both cybersecurity analysts, came to the realization that they wanted to provide a way to make software more secure by empowering developers with the skills and tools to enhance their speed of delivery. They struggled with how to accomplish this, initially. But Danhieux and Madou eventually decided to create a learning platform that could help developers apply and retain software security principles.
It was easier said than done; cyber education has long been the bane of the enterprise’s existence. According to a recent survey from Kenna Security and TalentLMS, 77% of employees report that their company has an established cybersecurity policy but 19% admit that they’re not familiar with it.
“The digital economy runs on software and applications whose underlying code is often not evaluated for security flaws until far too late in the software development lifecycle, resulting in costly rework and remediation,” Danhieux told TechCrunch via email. “Software teams are challenged to meet demanding delivery timelines and release secure applications. Secure-aware developers can be the difference-makers here, but they need and want multiple agile learning pathways that empower them to refine their secure coding skills.”
The platform Danhieux and Madou created, Secure Code Warrior, seeks to provide these pathways through a modular, customizable learning experience. Customers can have developers in their employ learn at their own pace by watching videos and completing walkthroughs, focusing on secure coding concepts in the programming language that they choose and at their own speed. Or they can create modules for developers to hone in on particular topics, either from scratch or using premade templates.
Secure Code Warrior provides assessments to challenge and test developers’ knowledge. And it hosts tournaments, which aim to promote learning through competition.
“Over the last several years, we’ve focused on being integrated into the developer toolkit and within their workflow, so that we can provide multiple pathways of learning and content to developers,” Danhieux said. “In our particular community, we’re focused on its potential power to enhance developer productivity, but there is no denying that we’re only scratching the surface of its capacity to exacerbate cybersecurity risk.”
Secure Code Warrior’s breadth and depth is impressive. But it’s just one of countless companies building cybersecurity skills tools — albeit not necessarily developer-oriented.
Consider Cybrary, whose e-learning portal offers access to training content, including online courses and tools, built around adversary techniques and vulnerabilities. Elsewhere, there’s the gamified hacking platforms Hack The Box and Immersive Labs. That’s not to mention Hunter2 and Habitu8, which Arctic Wolf acquired in 2021, among others.
Secure Code Warrior’s attempting to differentiate itself with features such as Coding Labs, which lets developers do real-time coding in an in-browser integrated development environment.
“Developers we’ve spoken to have really enjoyed Coding Labs because it’s given them more options that match up better with their individual learning styles and keeps them within their workflow,” Danhieux said. “Traditional learning and upskilling efforts for security tend to fail as they are often rigid, and use less relevant information and context.”
Today, Secure Code Warrior is used by more than 400,000 developers and 600 enterprises, including JPMorgan Chase, Atlassian, Salesforce and Cisco, Danhieux claims. The company’s not yet profitable, but it’s hoping to achieve that in 2025.
Investors have faith, seemingly. Secure Code Warrior today closed a $50 million Series C funding round led by Paladin Capital Group. It brings the company’s total raised to over $100 million, and Danhieux says that it’ll be put toward continuing to improve the Secure Code Warrior platform and growing the startup’s 220-person workforce in the areas of sales, customer success and product development.
It’s certainly a profitable market to find oneself in. One VC firm, Cybersecurity Ventures, predicts that the global security awareness training segment will exceed $10 billion annually by 2027, up from around $5.6 billion in 2023, based on 15% year-over-year growth.
“There’s no denying that it has been a difficult couple of years for many sectors, but vulnerabilities are rapidly evolving and creating secure code has never been more important. That’s why we’re confident about our present,” Danhieux said. “We’re one of the only companies that provides an enterprise-grade learning platform for developers as that has been our core focus from its inception, from being GDPR compliant to accessibility design.”