Secure Code Warrior for Azure Boards
Secure Code Warrior for Azure Boards brings secure coding learning to Azure DevOps, making it easier for you to access the highly relevant learning resources when you need them. Available in a number of programming languages and frameworks, these resources are fetched from our Learning Platform based on the vulnerability descriptions found in work items.
Get the help you need at the right time
When a vulnerability work item is assigned to a developer, they are given help - in the form of learning content - to resolve the issue. We call this contextual learning - bite-sized and highly relevant to the vulnerability in question.
Uses CWE or OWASP references to identify content
This extension will serve training content based on Common Weakness Enumeration (CWE) or Open Web Application Security Project (OWASP) references identified within the work item title, description and tags. This has been designed to work with several popular security tools that can be configured to push findings into Azure Boards with these references automatically. If no references are included, this app will fall back to searching for common vulnerability names and phrases.