OpenText partners with Secure Code Warrior to boost security

OpenText and Secure Code Warrior have announced a strategic partnership to integrate Secure Code Warrior's dynamic learning platform into the OpenText Fortify application security product suite.

The collaboration aims to enhance developers' secure coding skills with real-time training, thus reducing risks, efficiently identifying and resolving vulnerabilities, and fostering greater trust with customers.

Cyberattacks that exploit unpatched software vulnerabilities are on the rise. OpenText Cybersecurity's 2024 Global Ransomware Survey indicates that 62% of organisations experiencing ransomware attacks in the past year traced the origin back to a software supply chain partner. The Cybersecurity and Infrastructure Security Agency (CISA), in April 2024, underscored the importance of secure development through its Secure by Design guidance, which advises organisations to evaluate the cybersecurity practices of their software suppliers. As a result, more are adopting DevSecOps practices, integrating security throughout the software development lifecycle.

The integration of Fortify and Secure Code Warrior supports organisations in DevSecOps and Secure-by-Design initiatives by embedding real-time security and risk management training within the coding process. This approach enables development teams to work swiftly without sacrificing security, thereby minimising vulnerability risks, reducing remediation time, and preventing recurring issues. By incorporating security at an early stage, organisations are positioned to harness robust cybersecurity and DevSecOps practices to gain a competitive edge.

"Every organisation is affected by insecure code—whether they're a software company or simply using third-party software," said Muhi Majzoub, Executive Vice President and Chief Product Officer, OpenText. "Today, securing code is a fundamental requirement, not just a best practice. It's essential for protecting the organisation, its customers, and its partners. Our work with Secure Code Warrior addresses the human risk factors in software development, enabling organisations to embed secure coding practices and giving developers the confidence to innovate securely."

Pieter Danhieux, CEO & co-founder of Secure Code Warrior, commented on the challenges posed by AI-written code. "In our new era of 'AI-written code,' it is important that software engineers develop critical thinking skills to spot insecure and secure coding patterns, understand Secure-by-Design principles and new AI security issues. Secure Code Warrior makes it possible for OpenText customers to remediate vulnerabilities faster and address these issues at the root cause. Our customers see a 53% vulnerability reduction and 2x faster remediation with their developers," he said. "Our partnership with OpenText now provides a seamless application security and risk management experience to solve this challenge."

OpenText Fortify and Secure Code Warrior collectively will offer organisations targeted developer training, faster remediation, enhanced developer skills, and reduced risk. Secure Code Warrior transforms Fortify's findings into agile secure code training, helping developers identify and resolve vulnerabilities swiftly. This integration leads to continuous learning and immediate feedback, significantly reducing security risks by preventing vulnerabilities during development.

Additionally, OpenText customers can benchmark their security programmes against industry peers using Secure Code Warrior, enabling data-driven decision-making and opportunities for continuous improvement to enhance security posture.