[ad_1]
In my earlier weblog submit, ”So, You Can Code… However Can You Write Safe Code?“, we talked about how our companion Safe Code Warrior (SCW) can be an integral a part of Cisco DevNet Create but once more, for the second time in a row. Within the weblog submit you’ll be able to learn extra about the way it went, the winners, and naturally what occurs subsequent!
Devvie Defends: Problem (Spherical 1)
As a reminder, this yr we determined to go along with a 2-phased event. The primary event, “Devvie Defends,” has been held final week at DevNet Create 2021. The Devvie Defends: Problem align with Cisco’s give attention to Cloud Native purposes.
Individuals
We had a complete of 371 individuals who actively participated in 1 or extra problem, and we had 204 members actively becoming a member of in on the Devvie Defends event. Collectively, they spent a complete of 386 hours (about 2 and a half weeks) in these challenges. In complete, 5,646 challenges had been accomplished by these safe code warriors (or ought to I name them legends?)!
Programming languages
As chances are you’ll keep in mind, the event included in style net utility language frameworks like GO, Node.js Specific, and Python together with some classics like Java and C# .NET to select from. Python Django was by far the most well-liked selection, taking round 75% of the eye of the members. The opposite 25% consisted of JavaScript (10%), C# (7%), Java (4% and GO (4%).
Trying on the PYPL record of hottest programming languages, it is smart that Python is on the highest of the record. Additionally, as fellow Dutchman and College of Amsterdam (UvA) alumnus, I can solely be proud {that a} language (Python) that was conceived within the late eighties on the UvA by Guido van Rossum. Having stated that, I believe it is usually nice to see a comparatively new language, like GO, taking the stage with 4% (although PYPL solely lists it as having a share of 1.49%). GO, being a compiled language and having different benefits, beats Python by far whenever you have a look at efficiency. This may not be vital with on a regular basis utilization however turns into vital when designing bigger and extra complicated purposes.
Vulnerabilities
Now let’s speak a bit extra about specifics: SCW is all about writing safe code, discovering and patching vulnerabilities. Probably the most performed vulnerability was Session Dealing with adopted by a few different widespread vulnerabilities (examine desk beneath).
What’s session dealing with chances are you’ll ask? Properly, take into consideration sure web sites like on-line shops can hold your cart updated although you shut and re-open the tab. Classes are key to an excellent consumer expertise when utilizing the net. Nonetheless, managing classes incorrectly can result in safety holes that attackers can exploit. Correct session administration is crucial to the safety of an utility. A legitimate session ID has the identical stage of belief as a username/password, or perhaps a second-factor authentication token. Seeing that that is such an vital a part of creating (net)purposes, it’s nice to see that the soldiers had been in a position to crush this. Throughout the challenges, the members recognized (given a weak codebase, determine vulnerability kind), situated (find vulnerabilities inside a codebase), fastened (determine the proper answer for the vulnerability) and did missions (experiencing vulnerabilities in real-world eventualities) for the assorted vulnerabilities.
What’s is subsequent?
DevNet Create 2021 is now over. Which means the Devvie Defends event can be over and the highest 25 have been recognized. The High 3 winners will earn prizes and bragging rights. However wait, there may be extra! The High 25 have earned their seat within the Devvie Secures: Match (Spherical 2) – a brand new elite event to be held at the moment. The warmth will probably be turned up as the problem of challenges will increase and gamers may even be examined with superior missions to earn much more factors as they combat their solution to the highest!
The High 3 will earn premium prizes and uber bragging rights, with prizes for everybody who competes. I wish to congratulate everybody who competed to date, and naturally some further congratulations to the High 25! Good luck at the moment and I’ll report again in a ultimate weblog submit on the outcomes of spherical 2 of this event: Devvie Secures!
Need extra of Safe Code Warrior?
If you wish to be taught extra about SCW, take a look at the session “Taking part in to win with safety champions & coaches: Why your growth staff wants each within the combat towards widespread vulnerabilities!”
Safe Code Warrior particular supply
Try the Safe Code Warrior particular supply for all DevNet Group Members! With their flagship studying platform, they information every coder alongside their very own most popular studying pathway, in order that security-skilled builders turn out to be the on a regular basis superheroes of our related world. Get a free consumer license for each license bought between now and March 31, 2022! Phrases apply.
We’d love to listen to what you suppose. Ask a query or depart a remark beneath.And keep related with Cisco DevNet on social!
Twitter @CiscoDevNet | Fb | LinkedIn
Go to the brand new Developer Video Channel
Share:
[ad_2]