Checkmarx and OWASP Launch First-ever Global Codebashing Learning Initiative


Andrew van der Stock

Thursday, April 18, 2024

OWASP chapters and members gain Codebashing access to boost adoption of application security and compliance standards while building trust between security and development teams. Read on to learn more about the Codebashing AppSec Training Initiative.

PARAMUS, NJ – April 18, 2024 – Checkmarx, the leader in cloud-native application security, today announced the Codebashing AppSec Training Initiative in partnership with the Open Worldwide Application Security Project, (OWASP). The program will provide OWASP chapters and their members around the world with access to the Codebashing AppSec solution to ease the adoption of application security (AppSec) and compliance standards and build trust between security and development teams.

OWASP is an online community that produces freely available articles, methodologies, documentation, tools, and technologies in the fields of IoT, system software and application security.

With over seven million minutes of AppSec training each year and a lesson completion rate of over 95%, Codebashing equips developers with the tools and knowledge to improve their secure coding skills. Delivered as a software-as-a-service (SaaS) solution, Codebashing offers a compelling way for security teams to better engage developers for AppSec adoption and standards compliance. Learning key AppSec concepts within their familiar workspaces and applying those concepts from the first line of code across all applications improves productivity and lowers risk while making the AppSec process more enjoyable.

Codebashing seamlessly merges with a developer’s daily tasks, offering learning modules within their IDEs via Checkmarx One plugins. Its innovative ‘Learning Path’ approach promotes continuous skill enhancement and is finely tuned to a developer’s specific role, be it back-end, front-end or DevOps.

Checkmarx’ renowned security researchers have curated over 85 lessons to shape the “Security Champion Program,” a visually engaging path guiding developers towards mastery. On completion, participants earn an exclusive Security Champion certificate endorsed by Checkmarx.

In the new joint program with OWASP, Checkmarx has made Codebashing available to all OWASP members for a duration of one year beginning DATE. Once they’ve completed the program, participants will receive the Checkmarx AppSec Pro Certification for OWASP Members.

“Checkmarx appreciates the hard work and commitment of the OWASP Foundation and its global network of chapters and members in bringing Application Security to the forefront in an increasingly challenging threat landscape,” remarked Sandeep Johri, CEO at Checkmarx. “Our Checkmarx research team – and the entire company – are long-time supporters and contributors to the OWASP Foundation, both globally and locally. This new initiative will further strengthen Checkmarx One leadership to build trust between security and developers while equipping and training a new generation of software developers on emerging software supply chain threats.”

“The OWASP mission is to make the best resources available to help raise the security standards of applications now being developed and deployed – the same applications running businesses, governments, and mission-critical processes around the world,” said Andrew van der Stock, Executive Director of OWASP. “We’re pleased to work with Checkmarx to make Codebashing available to our members, which will help ease the process of application security and build better relationships between security and development teams.”

“The best way to ensure secure development by design is through training and awareness. AppSec training should be a part of any comprehensive security program,” said Ori Bendet, VP of Product Management at Checkmarx. “We’re truly pleased to work with OWASP to give their members this opportunity to strengthen their AppSec defenses in an engaging way.”

The Checkmarx research team has long contributed to the software development and security communities by educating and raising awareness through its publications, presentations at leading conferences, and AppSec Village events. Checkmarx VP of Security Research Erez Yalon founded and has led the API Security project at OWASP since 2019.

Codebashing further extends that commitment to helping the software development community learn more and do better in everything related to application security. The training solution helps developers at all levels better understand concepts and terminology in AppSec, and from theory to practice, experience and solve real-time secure code challenges. Offering courses and mini-lessons in all leading coding languages, Codebashing covers all leading security vulnerabilities in an engaging and interactive way.

To learn more about Codebashing or if you’re an OWASP member in utilizing this member benefit, please visit the website.

About Checkmarx

Checkmarx is trusted by enterprises worldwide to secure their application development from code to cloud. Our consolidated platform and services balance the dynamic needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk, but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders. We are honored to serve more than 1,800 customers, including 60 percent of all Fortune 100 companies.

Follow Checkmarx on LinkedIn, YouTube, and Twitter.


Our vision - “No more insecure software”

The Open Worldwide Application Security Project (OWASP) is a nonprofit foundation that works to improve software security. Our programming includes:

  • Community-led open-source projects, including code, documentation, and standards
  • Over 250+ local chapters worldwide
  • Tens of thousands of members and participants
  • Industry-leading educational and training conferences

We are an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. Our projects, tools, documents, forums, and chapters are free and open to anyone interested in improving application security. The OWASP Foundation launched on December 1st, 2001, becoming incorporated as a United States non-profit charity on April 21, 2004.

Corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work for two decades. Donate, become a Member, or a Corporate Supporter today.

Follow OWASP on LinkedIn, Mastodon, and X.