Posted by Matt White on April 24, 2018
Synopsys eLearning goes beyond your typical training solution. Our course offerings provide developers with targeted training that centers specifically on the security frameworks and platforms they’re using.
That way, once they’ve completed their highly focused Synopsys eLearning courses, they can go back to work with new, targeted skills. As they continue writing their projects, developers will be prepared to look for vulnerabilities such as those identified in the OWASP Top 10.
We want developers to walk away from our training with a clear understanding of how to code more securely. We don’t want them to walk away with a list of things to research more in depth, which is what many eLearning courses I’ve attended have provided me. As instructors, my colleagues and I want to get to the point during the course itself. The way we go about this is with a storytelling approach. We’re big fans of calling out specific, real-world examples and scenarios, examining what happened, and going into what could have been done differently.
In a scenario such as Equifax, what they could have done differently was as simple as keeping their software updated. That’s one of the fundamental points we try to make in a good deal of our eLearning courses: Keep your software up-to-date!
I’ll expand on that a bit: In a lot of major breaches, the attack vector isn’t a highly complex point of entry. Developers are a key player in these scenarios. This is why our eLearning structure ventures past the theoretical—we examine real-world situations.
By applying the material in our courses to these true stories, we can help learners more easily picture themselves in those scenarios. This is good for retention. Learners can look at our stories and think, “Whoa, if that happened at my firm, how many people would be on the chopping block? But imagine if I could have caught that before it went into production! That entire situation could have been avoided.”
Developers around the globe are grappling with some highly technical topics and widespread issues. We like to break those down and pull in news stories or situations that bring some real-world perspective. The relatability of this approach makes things resonate on a much more valuable level with learners. This keeps learners up-to-date with what’s going on, makes it interesting and relatable, and encourages them to become more secure coders.
If facts are passengers in the mind, stories and examples are the vehicles they ride in. Long after developers have completed a course, the stories and examples—and thus the facts—will stay with them. Every time they go to commit code, they should be covering their bases. “Let me double-check that. Should I run a scan one more time just to make sure I haven’t introduced something?” These are the thoughts that really make code more secure. It’s very important that developers develop these skills, and that’s something that comes directly from our material.
Get the latest AppSec news and trends sent directly to you.