The new agreement empowers development teams with continuous upskilling to turn security into a strategic advantage, reduce risks, and elevate customer trust
OpenText (NASDAQ: OTEX), (TSX: OTEX) today announced a strategic partnership with Secure Code Warrior to integrate its dynamic learning platform into the OpenText Fortify application security product suite. This partnership will help developers improve their secure coding skills through real-time training to reduce risks, quickly identify and resolve vulnerabilities, and ultimately build greater trust with customers.
Cyberattacks exploiting unpatched software vulnerabilities continue to surge. According to OpenText Cybersecurity’s 2024 Global Ransomware Survey, 62% of organisations that experienced a ransomware attack in the past year traced the attack back to a software supply chain partner. The Cybersecurity and Infrastructure Security Agency (CISA) in April emphasised the importance of secure development with the 2024 Secure by Design guidance, which helps organisations evaluate their software suppliers’ cybersecurity practices. In response, organizations are increasingly adopting DevSecOps practices, integrating security into every stage of the software development lifecycle.
The integration of Fortify and Secure Code Warrior supports these DevSecOps and Secure-by-Design efforts by equipping organisations with the ability to embed real-time security and risk management training within the coding process. This allows development teams to move quickly without compromising security, minimising the risk of introducing vulnerabilities, reducing remediation time, and preventing recurring issues. By integrating security early, organizations can turn robust cybersecurity and DevSecOps practices into a competitive advantage.
“Every organisation is affected by insecure code—whether they’re a software company or simply using third-party software,” said Muhi Majzoub, Executive Vice President and Chief Product Officer, OpenText. “Today, securing code is a fundamental requirement, not just a best practice. It’s essential for protecting the organisation, its customers, and its partners. Our work with Secure Code Warrior addresses the human risk factors in software development, enabling organisations to embed secure coding practices and giving developers the confidence to innovate securely.”
“In our new era of ‘AI-written code,’ it is important that software engineers develop critical thinking skills to spot insecure and secure coding patterns, understand Secure-by-Design principles and new AI security issues. Secure Code Warrior makes it possible for OpenText customers to remediate vulnerabilities faster and address these issues at the root cause. Our customers see a 53% vulnerability reduction and 2x faster remediation with their developers,” said Pieter Danhieux, CEO & co-founder, Secure Code Warrior. “Our partnership with OpenText now provides a seamless application security and risk management experience to solve this challenge.”
Together, OpenText Fortify and Secure Code Warrior will help organisations by providing:
- Targeted Developer Training: Secure Code Warrior transforms Fortify’s SAST findings into tailored, agile secure code training, equipping developers with the skills needed to identify and fix vulnerabilities efficiently.
- Faster Remediation: The combination of Fortify’s insights and AppSec capabilities with Secure Code Warrior’s guidance simplifies code analysis so developers can quickly understand and fix vulnerabilities, whether in application code or APIs.
- Enhanced Developer Skills: Secure Code Warrior integration provides real-time, hands-on training, empowering developers to write secure code from the start.
- Reduced Risk: Continuous learning and immediate feedback help minimise security risks by preventing vulnerabilities in the development phase. Integrated secure coding training reduces vulnerabilities by up to 50%.
With Secure Code Warrior, OpenText customers can also benchmark their security program against industry peers to establish a standard that aligns with their business goals. Utilizing benchmarks provides a baseline for performance comparison, enabling data-driven decision-making and continuous improvement opportunities to optimise security posture.