Codebashing Overview

Codebashing is the #2 ranked solution in our list of top Application Security Training Software. It is most often compared to Veracode Security Labs.

What is Codebashing?

Codebashing's SaaS platform is built specifically to train, refresh and validate Software Developers and DevOps personnel on Application Security and Secure Coding principles, helping businesses develop and maintain more secure software and applications. Codebashing achieves this through a purpose-built platform for developers that is time-efficient, game-like, and provides hands-on vulnerable applications to interact with, providing insight into how common vulnerabilities manifest within the application stack.

Updated: July 2021

Codebashing Customers

Fitbit, Microsoft, Just Eat, NCC Group, National Bank of Abu Dhabi, Sky

Pricing Advice

What users are saying about Codebashing pricing:
  • "This solution is not freeware and more expensive than similar products."

Dodzi Kwame Agudogo
Senior Software Development Engineer at Stanbic Bank Ghana
Real User
Top 5 Leaderboard
Good plugins, very scalable, and great for checking code vulnerabilities

What is our primary use case?

We use the solution for scanning the codes we develop in Java. We use it to check them against our glitches, then we mediate them before we push them to the applications and to the server.

Pros and Cons

  • "There are lots of great plugins available."
  • "The user interface could be updated and refreshed. It has the appearance of being very basic."

What other advice do I have?

We're just customers. We don't have a business relationship with the company. I'm pretty sure that the company is using the latest version. I didn't really check the version number; however, I think it's the latest. While we do use a cloud version now, it was previously deployed on-premises. It is a great solution. It's easy to integrate into and it is very common, very popular, here. Anything you need to do, you can do it on the platform. For example, if you're looking to add it to your CI/CD pipeline, there's a plugin to do that. It's great. Overall, out of ten, I'd rate it at a nine.
MM
CEO at a tech services company with 11-50 employees
Reseller
Top 10 Leaderboard
Easy to use with an interactive approach, but it should have more integration with other educational platforms

What is our primary use case?

We are a service company, and we have a lot of projects for mobile app security. Our customers use JavaScript and Objective-C to code the backend of their systems, and our security experts use this solution to show our customers what needs to be fixed in their environment. We use a classic cloud service, but from a vendor, so we have a private cloud deployment. In the future, we may switch to an on-premises solution.

Pros and Cons

  • "This solution has an interactive approach that allows you to quickly receive basic knowledge about vulnerabilities and how they should be fixed."
  • "It would be helpful if the solution included tests or exams that would allow you to study, for example, all Java vulnerabilities, and then afterward test your knowledge."

What other advice do I have?

This is a solution that I recommend to people who have a Checkmarx socket implementation because it is good to have a platform with this training program included. Otherwise, it depends on the customer. If they have a lot of their own code development then training is needed. However, in some cases, where they have good experts with a lot of knowledge, then their own experts can teach the staff. For companies that do not have information security experts available for training, then this is a very good platform to have because it has very clear and quick lessons. This product is good and it is…
VD
Sr. Application Security Manager at a tech services company with 201-500 employees
Real User
Top 5 Leaderboard
Has lots of configuration options, good security and good flexibility

What is our primary use case?

We primarily use the solution as part of an integration with the CI pipeline.

Pros and Cons

  • "There's a lot of flexibility and there are a lot of configuration options."
  • "The solution should make the configuration more simple. Sometimes the configuration is complex."

What other advice do I have?

We are not a customer of the solution at my current organization. We are currently running a POC. However, in my previous position, I was a customer. I'd rate the solution nine out of ten. It's a hard solution for developers to just start using. It's not so easy to just jump into. It takes time.
Cuneyt KALPAKOGLU Phd.
Founder & Chairman at Endpoint-labs Cyber Security R&D
Real User
Top 5 Leaderboard
When we hire new engineers, it's company policy that they have to complete the Codebashing sessions

What is our primary use case?

We are very seriously using Codebashing. For example, when we have new engineers in the company, it is company policy that they have to complete the Codebashing sessions. During the orientation and onboarding period, all the engineers of our company must complete the Codebashing sessions and many of our customers are doing the same. We are strategic partners with Checkmarx and we are an internationally certified training center for Checkmarx and Codebashing.

Pros and Cons

  • "From an academic point of view, Codebashing is a very good product because it is based on gamification. This is especially true if you don't have any idea about secure code training. It is one of the best tools in the world to learn secure coding. The product explains very well how vulnerabilities can be found and how programmers can develop securely."
  • "If customers would be able to define their own quizzes or exams, it would be very good. That is the only missing part that I see - customer-based scenarios, examinations and quizzes."

What other advice do I have?

My advice for anyone considering using Codebashing is to try the free version on their web page first. I would advise them to use the free version to understand the concept and to play with the program and only then to consider purchasing it. On a scale of one to 10, I would rate Codebashing a nine.
SiddharthSinghal
Information Security Engineer at a tech vendor with 51-200 employees
Real User
Top 20
Good knowledge base and easy to deploy, but it is only available for Windows

What is our primary use case?

We are a solution provider and this is one of the products that we are evaluating. We use Codebashing to provide users with different exercises for Python and UI. It allows them to practice.

Pros and Cons

  • "The most valuable feature is the integration with WhiteSource, which allows for open-source scanning."
  • "This solution is available for Windows only and does not have a Linux distribution."

What other advice do I have?

I have tested several areas of Codebashing and have used some of the labs that they provide. The labs are useful because you can find examples of flags and known vulnerabilities. It is different from other products. I would rate this solution a six out of ten.