Before customers buy from you, they ask “Can you prove that your application is secure, and that you will protect our data if we give it to you?” Companies around the world struggle to answer this question, especially with the advancement of DevOps and rapid changes/deployment of applications into production. As such, we launched Verified to help you prove to your customers that you adopt security best practices for your applications and the developers that support them on an ongoing basis.
Veracode Verified is a three-tier maturity program that includes several training elements. For example, to reach the Verified Team tier, one requirement is to select and train a security champion. A requirement to reach Verified Continuous is to roll out security fundamentals training to all developers working on an application.
Veracode Introduces Learning Levels
In order to help companies track the maturity of their eLearning program and their progress toward Verified tiers, Veracode launched learning levels in the eLearning product. The new enhancement to eLearning includes the following:
Learning Levels: There are three levels that individuals can reach within the platform. Each level has a requirement in terms of specific courses a user must complete in order to obtain that level.
Level 1 – Developer Security Fundamentals
Level 2 – Verified Team Security Champion
Level 3 – Verified Continuous Security Champion
Visit our website for more details on developer training.
Platform Badges: There are now badges next to user names that align to the level the user has reached. This allows managers to quickly identify that their teams have met their policy requirements for eLearning.
Certificate: Users can also download a certificate that shows their name, the level they reached, and the date they achieved their status.
Reporting: Managers can download a report for their teams on the levels they achieved, and the date it was achieved.
A Variety of Developer Training that Meets Your Specific Needs
With the increased speed of development, plus security shifting “left,” developers need to catch security-related defects on their own as often as possible. However, most developers have had no opportunities to learn secure coding, in school or on the job. Veracode offers application security leaders the chance to engage developers with various types of training, from self-service eLearning to fully customizable on-site workshops.
Learn more about proving the security of your development process with our Verified program, and the different training elements needed to become Verified.
This is a companion discussion topic for the original entry at http://www.veracode.com/blog/managing-appsec/new-elearning-learner-levels-streamline-verified-progress