SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
IT Training
#
Application Security
#
DevSecOps

Immersive launches live AppSec exercises to boost secure coding

Yesterday
Author image
By Catherine Knowles, Journalist

Immersive has launched AppSec Range Exercises, a new solution aimed at enhancing secure development practices within developer and engineering teams.

The company's AppSec Range Exercises are designed to extend its existing offering beyond traditional hands-on labs, providing a holistic approach to cyber readiness by allowing cyber leaders and practitioners to both prove and develop their security capabilities. The new solution includes range exercises for engineering, AppSec and DevSecOps teams, with the intention of embedding security into everyday workflows, minimising friction, and encouraging secure development at scale.

According to Immersive, organisations are under increasing pressure to enhance application security, yet existing developer training has not matched the pace or complexity of current software development. "Without relevant, continuous, and measurable training, Engineering and AppSec leaders struggle to prove or improve secure coding practices or assess their teams' readiness to prevent vulnerabilities across the software development lifecycle (SDLC). Last year, 90% of organisations suffered a breach - and most blamed the cybersecurity skills gap, according to the World Economic Forum. Immersive AppSec Range Exercises address such skills gaps," the company stated.

AppSec Range Exercises simulate real-world team workflows within a realistic SDLC environment. Development teams are able to collaborate to triage, assign, fix, and verify vulnerabilities in a live application. The approach incorporates realistic, ongoing training that seeks to help leaders such as VPs of engineering and heads of AppSec "remove barriers to develop security skills across their teams and drive adoption at scale."

The product provides hands-on labs that challenge users with practical coding tasks exposing real vulnerabilities. At the same time, the range exercises offer remediation scenarios intended to promote collaboration under time pressure, allowing teams and individuals to train not only at the code level but also across the development lifecycle.

Chris Wood, Principal Application Security SME at Immersive, said, "We are offering the world's first live, practical, and repeatable AppSec exercising experience that mirrors how engineering teams identify and fix vulnerabilities together. We're addressing the challenges of VPs of Engineering and heads of AppSec by providing a meaningful way of shifting developers' mindsets from seeing security as a roadblock to embracing it as a driver of software quality and release velocity, while supporting predictability and organisational resilience."

Immersive describes the new solution as a practical, team-based approach to application security training, with the intent of breaking down silos between DevSecOps teams and positioning AppSec as a strategic business function. The product tracks proficiency at both the individual and team level, recording completions, attempts, accuracy, and areas where users commonly struggle, to support targeted upskilling for development teams.

Another feature of the solution is its capacity to measure the speed with which developers identify and remedy vulnerabilities. This data enables leaders to identify strengths and weaknesses within cross-functional AppSec capabilities, supporting efforts to strengthen security across the entire SDLC.

The company lists several anticipated benefits from the expanded AppSec offering, including increased productivity by embedding security practices within daily workflows to reduce delays arising from late-stage vulnerability discovery. The company also highlights optimised training return on investment by preparing teams for complex threats using data-driven insights and supporting continuous skills growth.

Reduced costs are another claimed advantage, with the solution intended to minimise costly rework and avoid the need for expensive new hires, allowing senior developers to concentrate on higher-priority projects. The product is also described as supporting improved compliance by helping teams to meet secure coding mandates via real-world training exercises, and by enhancing overall cyber resilience by eliminating DevSecOps silos.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Over 1,200 government devices lost or stolen across 2024
Emojis used to hide attacks & bypass major AI guardrails
Kaspersky warns AI-generated passwords expose users to attacks
AI-driven upgrades automate privileged access in PAM360
ManageEngine upgrades PAM360 with AI-driven cloud access controls
Top stories
Scattered Spider exploited UK retailer service desks
New platform aims to fix gaps in corporate cyber response plans
Abadesi Osunsade to lead Women in Cybersecurity keynote
Bugcrowd Grows Global Reach via AWS ISV Accelerate
UK retailers face £1 million daily losses after cyberattacks