How sharp are your coders when it comes to security? Checkmarx has launched a new game for developers that tests their knowledge of common code vulnerabilities.
It’s an interesting idea. Checkmarx, an application security firm, believes that playing a game just might help developers hone their cyber security knowhow.
The new Game of Hacks, which is available for desktop, tablets and mobile devices presents developers with code snippets written in C#, Groovy, Java, Java Script, ASP, C++, PHP and Ruby and asks them to spot the vulnerability. It includes many of the standard vulnerabilities that have existed in code for years and yet somehow always seem to rank high on the lists of most common security issues.
It presents code that demonstrates common vulnerabilities such as SQL injection, XSS, Log Forgery, Path traversal, Parameter Tampering and many others, and challenges developers to identify the application layer vulnerability as quickly as possible. You can even upload your own snippets and it has a 2-player mode allowing developers to battle head-to-head.
According to Asaph Schulman, VP Marketing of Checkmarx, “We’ve been seeing a rise in hackers successfully exploiting vulnerabilities in applications’ codes - vulnerabilities that often exist from the early development stage of the software and remain undetected until it’s too late. We repeatedly hear security managers concerned about the secure coding knowledge of their development teams and are looking to provide more training. Game of Hacks was designed to sharpen developers' security acumen in a fun and interactive way so many of the most common security vulnerabilities can be avoided in the first place.”
Checkmarx’s Founder and CTO Maty Siman adds, “Checkmarx is committed to bridging the gap between app developers’ coding abilities and their security literacy.
Thinking like a hacker can ensure developers protect their applications from the most likely exploits. As mobile and web applications grow in popularity, protecting consumer information before it is put at risk is more important than ever.”
Game of Hacks isn’t for everyone (I doubt it will ever reach a top downloads spot on any online app store). Proper coding and knowledge of common security vulnerabilities is an ongoing battle and if Game of Hacks can raise the awareness of these vulnerabilities then I wish them all the best.
The company plans to debut the game at the upcoming Black Hat USA conference this week.
You can check out Game of Hacks for yourself here.