This feature is in Beta. To participate, please contact your Account Team.
Overview
Upskill your development teams based on vulnerability findings!
Access Secure Code Warrior’s pre-built learning modules directly from the HackerOne Platform or supported developer tools. Target learning modules based on the vulnerability types to improve code quality and prevent security vulnerabilities.
Use Cases
Utilize insights from HackerOne reports to provide pre-built training sessions, directly addressing common coding errors and security gaps.
Empower security teams to focus on more strategic, high-impact initiatives by automating targeted routine training suggestions on vulnerability findings.
Equip developers with the knowledge they need to prevent vulnerabilities at the source, enhancing their efficiency and reducing the need for later remediation.
Finding Recommended Learnings
In the HackerOne Platform
Go to Findings and identify reports with an established weakness.
Select a vulnerability report with a weakness.
Click on View training for CWE-XXX to go to Secure Code Warrior for recommended learning.
Log in to SCW.
Select the coding language.
Complete training to prevent future security vulnerabiltiies.
Supported Formats/Developer Tools
Escalate report data and relevant learning to prevent future security vulnerabilities in HackerOne integrations supporting markdown, Jira, and ServiceNow Applications.
The following integrations are currently supported.
ServiceNow
Jira
GitHub
Linear
Azure DevOps
Asana
ClickUp
Integrations
To add recommended Secure Code Warrior (SCW) learning content to tickets escalated from HackerOne reports, the following integration variables have been added:
secure_code_warrior
secure_code_warrior_jira
These integration variables contain a high-level description of the vulnerability and a link to relevant training exercises on the Secure Code Warrior platform.
For instructions on how to use the integration variables, please refer to the documentation in the setup for your specific integration.
Example configuration for Jira integration: