Resources
Guides, documentation, and references to help your team get the most out of SecureCodingHub. We're building this out — check back soon.
Documentation
Platform setup, SSO configuration, SCIM provisioning, SCORM integration, and admin guides.
Security Guides
50+ in-depth guides covering OWASP Web, API, Mobile, and Client-Side vulnerabilities with code examples and prevention techniques.
Blog
Insights on application security, secure coding practices, vulnerability research, and product updates.
Changelog
New vulnerability types, language support, platform features, and improvements — all in one place.
Real-World Incidents
Walk through real-world supply chain attacks and security breaches in interactive, step-by-step scenarios.
API Reference
REST API documentation for progress tracking, user management, and LMS integration endpoints.
Get notified when we publish
Drop us a line at hello@securecodinghub.com and we'll let you know when new resources are available.
How to use the SecureCodingHub resource library
The resource library is organised around three jobs developers and security leaders ask us to help with. The first is understanding a vulnerability quickly — for example, you've just had a pen-test finding flagged as DOM-based XSS or SSRF and you need a clear explanation, a working code example, and the standard fixes. That's what the Security Guides section is for: each guide opens with a one-paragraph description, the OWASP and CWE references, then the offensive and defensive code in your stack of choice.
The second job is making good decisions about your platform — selecting the right training programme, justifying budget to your leadership, or preparing for an audit. The Blog covers the wider topics that surround those decisions: how PCI DSS v4.0.1 changed in 2025, what the EU Cyber Resilience Act expects from secure development, the difference between SAST and DAST and IAST, how to evaluate a secure coding training vendor, and where bug bounty fits into a secure SDLC.
The third job is operating SecureCodingHub day to day — onboarding a new team, configuring SSO, generating SCORM packages, exporting compliance evidence. The Documentation section is the operational manual: task-oriented pages with prerequisites, steps, and troubleshooting notes. The Changelog tracks every shipped feature, content update, and supported-language addition.
Suggested starting points
If you're new to the platform, start with the Quick Start Guide and then preview the interactive demo. If you're preparing for a PCI DSS audit, read the PCI DSS compliance page and the blog post on requirement 12.6.1 and secure coding training. If you're preparing for the EU Cyber Resilience Act, start with the developer guide to the CRA. If you're training your application security team, the OWASP-aligned guides under Security Guides are the most efficient path.
All of the content here is free to use and free to share within your organisation. We do not gate articles behind sign-up walls and we do not require a paid subscription to read the documentation. If you spot something that should be updated or covered, send a note to hello@securecodinghub.com.