Early March, I and SecurityDrops with me joined SCADEMY - Secure Coding Academy. You probably noticed the new design, which aligns with them. That's the surface, and I assure you there is a lot more to this than a few CSS changes :)
Whenever a change comes along, there are three things worth looking at.
The past, what happened? What led up to the change?
The present, what is going on right now? What is changing immediately?
The future, what to expect, and where are we going?
This post addresses the above questions.
Drops of Security
At the end of 2016, I started this blog to help fellow software engineers navigate security. The landscape is vast, lots of maps and guides exist. Security people write these articles, and this is reflected in the content as well. My goal was — and still is — to talk about security from a developer's point of view.
Hence, SecurityDrops was born. Fundamentals for Developers. From high-level theory on how security fits into your daily work, through peeking into “black-box” crypto to practical knowledge that's easily connected to things you already know. Security is vast, but with a good mindset and a guide, navigating the field becomes a lot more effective.
“security is all about smart-tradeoffs”
So why join SCADEMY?
I am passionate about spreading security knowledge. I think it's important, and I believe the more engineers take it seriously, the better off we are as a community. Incidentally, that's also what SCADEMY stands for.
Their, or shall I say our, mission is to develop secure coders who not just can but are also eager to create rock-solid applications.
“Our mission is to train 1.000.000 software developers and transition them to be motivated secure coders.“
In essence, by joining SCADEMY, my efforts gain a multiplier.
A bit more about SCADEMY
SCADEMY - Secure Coding Academy delivers on-site, hands-on secure coding trainings. They have been doing this since 2014 and have trained more than 4000 software developers in 35 countries. Due to the COVID-19 epidemic, these trainings are now entirely online in a virtual classroom.
Our offering covers a wide variety of topics from OWASP fundamentals down to chip-set security and everything in-between. Many courses are programming language-specific (e.g., C#, Java, C/C++, PHP, Python) and dive into how a given vulnerability is exploited in different environments. During our courses, attendees execute real-life attacks against a prepared application.
“Lots of general topics, real world examples, and easily understandable exercise.“
We deconstruct and re-assemble attacks and explore how specific countermeasures work. By giving such a detailed view of vulnerabilities, participants gain excellent hands-on knowledge about various defense techniques. This, combined with our experienced trainers, results in a fun and engaging learning experience.
Reviews from participants
SCADEMY trainings are very well received by participants. Our courses consistently receive great reviews. These encourage us to march towards our goal of 1.000.000 secure coders.
What's coming next?
From March 2021, SecurityDrops has become the official blog of SCADEMY. This blog is no longer a 2nd-class citizen in my life. I will dedicate more time to the blog and curating its content.
Expect content—more and better quality content from experienced peers alike and me. I am also broadening the scope of the blog. Initially, I planned to focus on web security only, and now with SCADEMY, I can touch on a lot more.
An excellent example of this is the coverage of security news from a developer's perspective. These include posts about the sudo bug, the VMWare vCenter RCE, or the most recent Exchange 0-day.
If you liked the content so far, I promise you will get even more value out of it.
A note to newsletters subscribers
From March, you will be receiving newsletters from SCADEMY and not me personally. I hate unsolicited mail just like you do, so this won't be automatic. You will be required to confirm your subscription to keep receiving content.
If you are not okay with this, I understand. Ignore the resubscribe request, and I will remove you from the list, no hard feelings. You can always come back should you wish to do so. ;)