OpenText announced a strategic
partnership with Secure Code Warrior to integrate its dynamic learning
platform into the OpenText Fortify application security product suite.
This partnership will help developers improve their secure coding skills
through real-time training to reduce risks, quickly identify and
resolve vulnerabilities, and ultimately build greater trust with
customers.
Cyberattacks exploiting unpatched software vulnerabilities continue to surge. According to OpenText Cybersecurity's 2024 Global Ransomware Survey,
62% of organizations that experienced a ransomware attack in the past
year traced the attack back to a software supply chain partner. The
Cybersecurity and Infrastructure Security Agency (CISA) in April
emphasized the importance of secure development with the 2024 Secure by Design guidance,
which helps organizations evaluate their software suppliers'
cybersecurity practices. In response, organizations are increasingly
adopting DevSecOps practices, integrating security into every stage of
the software development lifecycle.
The integration of Fortify and Secure Code Warrior supports these
DevSecOps and Secure-by-Design efforts by equipping organizations with
the ability to embed real-time security and risk management training
within the coding process. This allows development teams to move quickly
without compromising security, minimizing the risk of introducing
vulnerabilities, reducing remediation time, and preventing recurring
issues. By integrating security early, organizations can turn robust
cybersecurity and DevSecOps practices into a competitive advantage.
"Every organization is affected by insecure code-whether they're a
software company or simply using third-party software," said Muhi
Majzoub, Executive Vice President and Chief Product Officer, OpenText.
"Today, securing code is a fundamental requirement, not just a best
practice. It's essential for protecting the organization, its customers,
and its partners. Our work with Secure Code Warrior addresses the human
risk factors in software development, enabling organizations to embed
secure coding practices and giving developers the confidence to innovate
securely."
"In our new era of ‘AI-written code,' it is important that software
engineers develop critical thinking skills to spot insecure and secure
coding patterns, understand Secure-by-Design principles and new AI
security issues. Secure Code Warrior makes it possible for OpenText
customers to remediate vulnerabilities faster and address these issues
at the root cause. Our customers see a 53% vulnerability reduction and
2x faster remediation with their developers," said Pieter Danhieux, CEO
& co-founder, Secure Code Warrior. "Our partnership with OpenText
now provides a seamless application security and risk management
experience to solve this challenge."
Together, OpenText Fortify and Secure Code Warrior will help organizations by providing:
- Targeted Developer Training: Secure Code Warrior
transforms Fortify's SAST findings into tailored, agile secure code
training, equipping developers with the skills needed to identify and
fix vulnerabilities efficiently.
- Faster Remediation: The combination of Fortify's
insights and AppSec capabilities with Secure Code Warrior's guidance
simplifies code analysis so developers can quickly understand and fix
vulnerabilities, whether in application code or APIs.
- Enhanced Developer Skills: Secure Code Warrior
integration provides real-time, hands-on training, empowering developers
to write secure code from the start.
- Reduced Risk: Continuous learning and immediate
feedback help minimize security risks by preventing vulnerabilities in
the development phase. Integrated secure coding training reduces
vulnerabilities by up to 50%.
With Secure Code Warrior, OpenText customers can also benchmark their
security program against industry peers to establish a standard that
aligns with their business goals. Utilizing benchmarks provides a
baseline for performance comparison, enabling data-driven
decision-making and continuous improvement opportunities to optimize
security posture.