If you were talking to someone whose organization is considering Codebashing, what would you say?
How would you rate it and why? Any other tips or advice?
I have tested several areas of Codebashing and have used some of the labs that they provide. The labs are useful because you can find examples of flags and known vulnerabilities. It is different from other products. I would rate this solution a six out of ten.
We are not a customer of the solution at my current organization. We are currently running a POC. However, in my previous position, I was a customer. I'd rate the solution nine out of ten. It's a hard solution for developers to just start using. It's not so easy to just jump into. It takes time.
This is a solution that I recommend to people who have a Checkmarx socket implementation because it is good to have a platform with this training program included. Otherwise, it depends on the customer. If they have a lot of their own code development, then training is needed. However, in some cases, where they have good experts with a lot of knowledge, their own experts can teach the staff. For companies that do not have information security experts available for training, this is a very good platform to have because it has very clear and quick lessons. This product is good and it is reliable. I would rate this solution a seven out of ten.