27th Jan 2018. Secure Code Warrior’s birthday falls one day after Australia Day. I realised while contemplating another fantastic year that I actually have two three year olds in my life, one business and one human… with remarkable similarities:
- They are trouble to put to bed in the evening without a proper routine
"Just reading that last email which just came in … or wait, I quickly need to sync on the phone with our team in the US… or this proposal really needs to go out by tonight. Damn. It’s past midnight again."
- They make you so proud when they achieve something
Even if you didn’t sleep properly for 3 weeks, had no time to exercise or just had to clean-up a mess… but your pilot demonstrated the impact on security skills of developers and the customer is happy to commit working with us for another three years! BOOM! Energy peaks. And cakes everywhere. Suddenly, the lack of sleep doesn’t matter so much.
- They grow up so quickly
Gone are the days where you could sneak out with the team to Bali and work from the beach house on the next features of the platform. Our start-up has grown between 4-6 fold in the last year (depending if you measure staff, customers or revenue) with engineering in Sydney (AU) and Bruges (BE) and sales and marketing in USA, Europe and Australia. I remember a year ago when I was really excited having one of the big Australian banks as a customer. Today, we’re working with 10 of the top 100 global financial institutions as well as some of the key telecom and technology companies that are building the next generation of online services (note: I am still really proud of the Aussie banks, who were our first customers!).
We’ve grown up so fast on so many fronts but one of the key milestones last year was actually defining a vision for our company. In the early years, we were so focused on building, executing and making sure there was cash that we often forget to stop and reflect on exactly what we want to achieve. The more people join Secure Code Warrior and the more customers we brought on board, the more important it was to have a consistent vision and understand where we are going. We did that in 2017.
Another key milestone was technology related. We realised early on that building the skills of a developer is only the start of the secure coding journey. They need tools around them to make security embedded and easy rather than an afterthought or something that you think of when you’re done writing the code. No, security needs to be built from the start, while writing code.
Our team has worked very hard on writing security coaching plug-ins for the most common IDE’s (IntelliJ, Visual Studio, Android Studio to name a few) that will actually help the developer to write more secure code. Not by solely pointing out potential security weaknesses but to really be a coach and jumping in when developers are writing code that is not aligned with leading practices in security. The security coaching plug-in is called Sensei and it truly allows a developer to be trained on-the-spot (micro-learning) and in some cases, it will offer an auto-correct option to fix code instantly.
I am really excited about what the next 12 months are going to bring. We are already seeing that software security is no longer just the concern of the biggest developer-heavy companies like banks, telecom or technology companies. Organisations of all types continue to be compromised by software weaknesses and although SQL injection might finally die, there are a range of other ones waiting to take its place.
There is now a heightened expectation from customers, markets and boards across all industries that companies protect the security of their code. Compliance will keep pushing organisations in this direction too (eg. GDPR for anyone doing business in Europe, Data Breach laws coming in Australia etc.)
This means I am confident our SCW platform will continue its rapid growth across the world and across new industries. That’s good news for our business of course, but it is also helping my team to deliver on our vision, which I believe is very worthwhile for the software era that we live in.
Developers using our tools really can and are taking a more proactive role in the security of their company. They have the skills and tools to write secure code, to be the first line of defence for their company.
I feel the same way about being a parent of a three year old and CEO of Secure Code Warrior: every year is better than the last. I can’t wait to see how the four year old develops!
Our vision is to empower developers to be the first line of defence in their organisation by making security highly visible and providing them with the skills and tools to write secure code from the beginning.