Aspect Security has launched a free baseline knowledge tool that claims to produce an accurate assessment of a development team's knowledge of application security. Secure Coder Analytics can be accessed online to determine the skill set and level of a group of developers or individuals.
- IDC Analyst Connection: Using Blade Systems to Cut Costs and Sharpen Efficiencies
- Application Testing Strategies in the IBM z/OS Environment
- Strategy: How to Conduct an Effective IT Security Risk Assessment
- Strategy: Smartphone Smackdown: Galaxy Note II vs. Lumia 920 vs. iPhone 5
- The Untapped Potential of Mobile Apps for Commercial Customers
- Why is Information Governance So Important for Modern Analytics?
"How do you know what you don't know? That's the challenge facing development teams that want to develop secure code. There's no shame in not knowing all of the tricky aspects of application security, and now you can find out where your gaps are," said Jeff Williams, CEO of Aspect Security.
Williams is also cofounder of the Open Web Application Security Project (OWASP), and he contends his firm's Secure Coder Analytics takes a developer approximately 20 minutes to complete and tests knowledge in various security areas via a multiple-choice assessment.
Questions are randomized from what is said to be an "extensive" pool of questions. Managers of development teams can set up their own tests and invite developers to participate anonymously. After participating, each developer sees their own grade and managers can see aggregate scores that reveal the strengths and weaknesses of the team as a whole.
Aspect Security's eLearning curriculum features 53 learning modules at three different levels of technical depth. The company says that its eLearning solution is in use by developers worldwide at many corporate entities, including giants in the financial, shipping, and logistics and airline industries and government agencies.