Perforce Improves Secure Code Delivery for Enterprise Development Teams
Integration with Secure Code Warrior efficiently integrates security best practices into the developer workflow
MINNEAPOLIS, November 18, 2021 — Perforce Software, a provider of solutions to enterprise teams requiring productivity, visibility, and scale along the development lifecycle, today announced new functionality to speed remediation of discovered defects in automated scans. Delivered via an integration with Secure Code Warrior, Klocwork customers can instantly connect to resources that explain how to mitigate vulnerabilities as they develop code. This allows organizations to increase code safety and developer knowledge within the daily developer workstream.
The integration makes secure coding an engaging experience for developers, with relevant skills-based pathways to write secure code at speed. Connecting the relevant SCW learning resources to the security vulnerabilities as they are detected by the SAST tools running within the developer desktop tools, or as part of the CI/CD pipelines means that Klocwork and the Secure Code Warrior learning platform empower developers to remediate errors quickly and continuously enhance their skillset.
“Developers need a simplified, seamless way to gain access to the necessary software security training while also maintaining code development velocity. With this integration, we’ve made it easy for development teams to learn as they go at the relevant time and via the relevant interface, ” says Eran Kinsbruner, Perforce DevOps Evangelist. “The knowledge they gain allows developers to work smarter and faster to move projects forward.”
In a recent survey from the Ponemon Institute, it was revealed that 53% of developers had not participated in any secure code training. Additionally, it found that with faster release cycles, there is less time for testing which creates more opportunities for vulnerabilities to make their way into production code.
"Developers are typically measured on their ability to produce code and create features quickly, staying agile to meet tough release deadlines. Even at the tertiary level, their opportunities to learn secure coding are very few, and on-the-job training tends to be too generic. However, this is a status quo we are committed to changing, and it's partnerships like this one with Klocwork that can truly elevate developers to produce higher-quality code that is not just secure but delivered at speed." Matias Madou, CTO and co-founder, Secure Code Warrior
As cybersecurity is a top focus for enterprises across the software development spectrum, the adoption of a culture of secure application development across every team that touches the SDLC is an important first line of defense. For more information on the benefits of this new capability, visit Perforce.com.