SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India
Secure Code Warrior launches AI governance learning
Application Security DevSecOps DLP

Secure Code Warrior launches AI governance learning

Tue, 2nd Jun 2026 (Today)
Joseph Gabriel Lagonsin
JOSEPH GABRIEL LAGONSIN News Editor

Secure Code Warrior has launched Adaptive Learning for its AI software governance platform. The feature is intended to connect developer training to real-time coding activity.

It links the company's Trust Agent product with its learning platform and triggers training when developers use AI tools or when vulnerabilities are identified in code repositories. The aim is to give organisations evidence of training outcomes at the commit level.

The launch comes as companies face growing concerns about how AI is reshaping software development practices and security oversight. Secure Code Warrior pointed to a sharp increase in code churn linked to AI adoption, citing Faros research showing that the ratio of lines deleted to lines added in merged code rose 861% each quarter.

The company also cited industry data showing wider use of AI tools by employees on company devices, alongside growing use of non-corporate accounts to access those services. According to the figures it referenced, source code is now the most common data type submitted to unauthorised external AI models, increasing the risk of intellectual property exposure.

Vulnerability management is another pressure point. Secure Code Warrior said vulnerability exploitation has overtaken credential abuse as the leading breach method, while only 26% of critical vulnerabilities were fully remediated in 2025 and median remediation time increased to 43 days.

How it works

Adaptive Learning is built around two elements: AI Signals and Vulnerability Signals. AI Signals are designed to detect which AI tools individual developers are using and connect that activity to targeted training based on the code they commit.

Vulnerability Signals connect data from security tools to learning assignments. The feature can identify vulnerabilities in repositories where developers are working and assign training relevant to those issues and the code under development.

It also includes policy controls that let customers define when training should be triggered based on AI usage signals. The system can identify developers interacting with AI tools through observed activity, assign training tasks through the company's quest format, and track completion and performance over time.

On the vulnerability side, the system supports application programming interface data imports from Checkmarx, SonarQube and Parasoft, alongside SARIF uploads. Scheduled synchronisation is planned.

Governance focus

The launch expands Secure Code Warrior's broader push into AI software governance, an area that has gained urgency as businesses seek to understand how AI-generated and AI-assisted code is created, reviewed and deployed. The company said its Trust Agent product was built to make AI influence in software development visible, attributable and enforceable.

Adaptive Learning is intended to move governance from monitoring to intervention by tying training directly to risky behaviour and code changes. It also creates auditable records of per-developer AI security training linked to production code.

According to Secure Code Warrior, those records can support compliance efforts tied to the EU AI Act, ISO/IEC 42001 and the NIST AI Risk Management Framework, positioning the product in a market where software governance tools are increasingly part of broader compliance and risk management programmes.

Pieter Danhieux, Co-founder and Chief Executive Officer of Secure Code Warrior, outlined the company's view of what enterprises now need from AI oversight in software engineering.

"At every stage, enterprises are trying to achieve three primary objectives: developers and agents must learn to build securely, businesses must govern what AI can and can't touch in the codebase, and security teams must be able to trace which AI did what, where, and for whom," said Pieter Danhieux, Co-founder and Chief Executive Officer of Secure Code Warrior.

He said the new feature is designed to turn that visibility into action.

"With SCW's Adaptive Learning, organisations and developers can swiftly move from understanding risk, to actively reducing it at scale, and with measurable proof at the commit level. This is imperative as developers move from more traditional workflows, to environments where they are orchestrators of autonomous agents," Danhieux said.

Image: Pieter Danhieux (Secure Code Warrior)
Related stories
Progress strategist warns on AI agent database deletion
Jazz urges stronger IP safeguards amid AI data leaks
API attacks surge as AI exposure raises cyber risk
CIS launches AI security guides for models & agents
Anthropic limits Claude Mythos over AI hacking fears
Top stories
BeyondTrust expands identity risk assessment for AI
Check Point Technologies: On vigilance, Mythos and beyond
Dragos acquires Phosphorus to widen OT security reach
Windows 11 sandbox flaw lets attackers escape with one click
XM Cyber boosts identity access tools for hybrid firms