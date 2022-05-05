Third-Party Analysis Illustrates Rapid Developer Knowledge Gain During Real-Life Training Exercises

PITTSBURGH, PA / ACCESWIRE / May 5, 2022 / HackEDU, a global provider of unmatched secure coding training for developers, today announced the release of its Secure Coding Report: Injection Vulnerabilities that is now available for all to download.

The paper offers practical steps for development teams to institute security-first approaches for their teams, with a particular focus on battling injection vulnerabilities that continually top the OWASP list of threats. Facing a need to create software at an ever-escalating pace, developers find themselves in the midst of seemingly never-ending cyberattacks, yet an academic and ongoing training environment that traditionally hasn't emphasized security at the foundational level of software creation.

HackEDU partnered with Derek Brink, Vice President and Research Fellow at Aberdeen Strategy and Research, to analyze HackEDU's secure coding training results to provide insights into the effectiveness of a security-first approach.

Brink discusses the benefits of embracing DevSecOps and the related shift-left approach that prioritizes application security testing much earlier in the software development phase. He also notes how a significant number of developers initially lacked the needed secure coding training, but achieved extremely favorable outcomes following HackEDU training.

Injection Vulnerability Training Analysis

Brink analyzed six HackEDU courses in the injection vulnerabilities category to share the true value of secure coding training and proactively avoiding web application flaws rather than remedying them later. Analyzing nearly 140,000 exercises taken by developers on this subject across the past 12 months, he uncovered:

45% of the developers were 100% successful in their first attempt to pass injection vulnerability courses

93% of developers had successfully learned the skills and were able to remedy injection vulnerabilities and protect their organizations from data breaches linked to that source

93% were also able to find and fix SQLi after less than 10 minutes of training - highlighting the ease at which a critical and pervasive flaw can be solved

"Analysis of the results of HackEDU's exercises with tens of thousands of developers has shown that it's possible to make a tremendous impact in a short amount of time with training that's not only effective but also embraced by developers on an ongoing basis," Brink said. "Secure coding training plus an optimal method of delivery -- such as HackEDU has demonstrated -- is a powerful combination for application security, one which enables an emphasis on prevention rather than the traditional and more costly focus on fixes."

HackEDU's training is designed for organizations seeking a continuous training program that can be automatically adaptive to vulnerabilities in software and also embraces proven learning science principles that drive engagement and learning retention. To download the report, click here.

