@@ -16,9 +16,9 @@ classes of vulnerabilities that have been identified in GitLab.
## Secure Code Warrior
GitLab uses Secure Code Warrior to provide ongoing secure coding training. Eligible team members can log in via Okta.
GitLab uses Secure Code Warrior to provide ongoing secure coding training. Eligible team members can log in via Okta. Training is assigned on an annual basis but you may also explore on your own (if you have this Okta tile).
If you think you should have access but don't see it in Okta, check this list of roles below.
If you think you should have access but don't see it in Okta, please contact #security_help for assistance.
### Using Secure Code Warrior
@@ -30,7 +30,7 @@ From time to time the Security Department might also run [Tournaments](https://h
### Getting help
Visit the [`#security-secure-code-warrior`](https://gitlab.slack.com/archives/C03HHQAKE8P) Slack channel to chat, ask questions, give feedback, or get help.
Visit the #security_help Slack channel to chat, ask questions, give feedback, or get help.
Found a bug, confusing content, or incorrect answer? Please use Secure Code Warrior's built in bug reporting by selecting "Help" in the top right, then selecting "Submit bug or feedback". This will help improve the platform for all users.
@@ -47,9 +47,9 @@ The criteria used to determine inclusion were:
- Does the role description include writing or reviewing code that may interact with GitLab RED data, and in a language supported by Secure Code Warrior?
- This is typically Individual Contributors and their direct Managers. Senior Managers and above are excluded, at present.
- Does AppSec believe the role benefit from Secure Code Training anyway?
- Does AppSec believe the role benefits from Secure Code Training anyway?
If a role should be added or removed, please open an MR and @ mention `@gitlab-com/gl-security/product-security/appsec`. If your role is in the list already but SCW doesn't show up in Okta, ask for help in `#secure-code-warrior` on Slack. An AppSec team member will add you to [the Google Group](https://groups.google.com/a/gitlab.com/g/okta-securecodewarrior-users/members) and update any baseline entitlements / onboarding checklists to ensure those in your role are included in the future.
If your role is in the list already but SCW doesn't show up in Okta, ask for help in #security_help on Slack. An AppSec team member will add you to [the Google Group](https://groups.google.com/a/gitlab.com/g/okta-securecodewarrior-users/members) and update any baseline entitlements / onboarding checklists to ensure those in your role are included in the future.
