SecureFlag Reviews & Product Details

When I joined Forward Financing’s security team, we were still building our code security training from the ground up. We were concerned that our developers did not have the proper training for coding, being aware of the security matters. From day one, Secure Flag gave us the structure and visibility we needed to help developers understand the vulnerabilities they might be introducing through code.

Over time, I became the main point of contact for Secure Flag in our team, and that’s because it works. It’s reliable. I know that when something pops up, their amazing team is really great. They're more than just vendors; I feel like they work with us and not for us. Review collected by and hosted on G2.com.

The labs on the learning courses might have some issues when you are using a VPN, but Secure Flag team is aware of that and gives you ideas to solve any issue you might encounter. Review collected by and hosted on G2.com.

Easy to use

Extremely interactive labs

High level of technical details

Great customer support Review collected by and hosted on G2.com.

Maybe a bit hard to use for newcomers of IT Security Review collected by and hosted on G2.com.

We appreciate the wide range of features offered: the platform is easy to use, simple to implement, and integrates smoothly with Okta. It also provides numerous learning paths, regularly updates its content, and offers excellent customer support.

This versatile platform delivers more than just content—it creates a gamified experience for our Security Champions program, including tournaments, quizzes, and a points system. Our developers are also pleased with the platform, rating it an average of 9 out of 10. Review collected by and hosted on G2.com.

We don't have any particular feedback at the moment, but it occurs to me that adding an AI chatbot with all the content vectorized in a RAG could be useful. This feature would make it easier for developers to look up security code information. Although we never listed this as a requirement, writing this review made me realize it could be a valuable addition—just something nice to have.

Regarding the Threat Model API, it would be helpful if there were more endpoints available. This would allow for greater automation of workflows and make it possible to create diagrams entirely outside their platform while still using their API. Review collected by and hosted on G2.com.

Developers appreciate the interactive nature of the platform, which makes learning about secure coding both practical and enjoyable.

SecureFlag provides a dedicated environment where users can work hands-on with real-world security challenges.

The platform helps developers make better decisions regarding security and information security in general.

After two years of use, SecureFlag has become an integral part of your team’s security training. Review collected by and hosted on G2.com.

At times, the tests and challenges have been stricter than what is covered in the learning modules, which can be frustrating for users.

Some users may find it challenging to bridge the gap between the training material and the expectations in the practical tests. Review collected by and hosted on G2.com.

In my experience as an Application Security Architect responsible for running a secure coding training program, I find SecureFlag to be an exceptional platform for enterprise-level developer education. It delivers a hands-on, real-world learning experience where developers actively work in realistic coding environments to identify and fix vulnerabilities rather than passively watching videos or taking quizzes. I use its flexible features to build and customize learning paths tailored to specific teams, technologies, and skill levels. The platform’s detailed progress tracking and gamified elements, such as leaderboards and tournaments, keep developers motivated and make it easy to measure the program's performance. SecureFlag’s customer support team is exceptional, providing expert guidance and proactive assistance to ensure the program’s success from implementation through ongoing management. Overall, SecureFlag empowers me to run a secure coding training program that is practical, scalable, and highly effective across the organization. Review collected by and hosted on G2.com.

While SecureFlag is effective, it doesn’t address every challenge that can arise in a secure coding training program. It offers a solid foundation for secure coding education, but the initial setup can feel overly complex, particularly when establishing the training framework and defining organizational goals. The process demands thoughtful planning, customization, and ongoing commitment to ensure alignment with real-world development practices. Without that sustained effort, the training risks becoming a static compliance exercise rather than a dynamic, integrated component of a company’s secure development lifecycle. Review collected by and hosted on G2.com.

SecureFlag platform is one of the most effective and developer friendly solutions we've used for secure coding training. What sets it apart is the hands on learning approach that lets developers fix real vulnerabilities in realistic environments. So it's not just theory, it's practical and relevant with real word examples.

The platform supports a wide variety of programming languages and frameworks, which makes it easy to train diverse development teams without needing multiple tools. Gamification features like progress tracking, achievements, and leaderboards keep engagement high and encourage continuous learning. Tournaments are also fun and engaging.

From an administrative standpoint, it's simple to set up. Assigning modules, creating learning paths, and tracking progress is straightforward, and the reporting features give a clear view of how individuals and teams are progressing. Review collected by and hosted on G2.com.

While some learning paths are really well covered, some not so popular languages do not have a large selection of labs. The positive side is that content gets added frequently and more and more things

It would be helpful to have additional options for exporting reports and access to more detailed analytics. Review collected by and hosted on G2.com.

The Secure Flag platform has allowed us to easily deliver high quality secure development training to our engineers. The educational materials they deliver are first class and the hands-on experience it provides are way better than other solutions on the market we've tried.

As a regulated business in the financial services sector, the security of our applications is something we take very seriously, and we are confident that we are equipping our engineers with the best training to keep our customers and our business safe.

The onboarding process was easy, and the team we dealt with (shout out to Christian!) were super helpful - even now, still checking in to make sure everything is going well. Now that we've been enrolled with them for around 6 months I can say that we're still getting great service and care from our customer success manager Naveen, and our account manager Carla. Review collected by and hosted on G2.com.

The management dashboard isn't the most intuitive, but they have instruction materials available it's ok once you get the hang of it. Review collected by and hosted on G2.com.

There are mainly three factors that made us decide in facor of SecureFlag:

ease of adoptions - sensibly grouped learning paths and easy administration/ implementaiton plus with our license developers can also use the platform in their free time; and they actually do and love to use it frequently.

interactivity - the actual labs separated SecureFlag from other contestants, developers solve real code in real virtual environments

quality of content and suppert - SecureFlag covers a wide range of frameworks and adds constantly new, relevant content; the customer sucess is really outstanding Review collected by and hosted on G2.com.

We only encountered two challenge or thins we would improve

administering trainingsplans. If there could be be some distinction between new and existing employees

The SDLC content can be more interactive

But on both sides customer success management is working actively and very supportive with us Review collected by and hosted on G2.com.

I have found the platform to be straightforward and easy to use, with a well-organized interface that facilitates efficient navigation. The content offered is diverse, providing access to a wide array of resources and information suitable for various interests and needs. Additionally, the customer support has been responsive and effective, addressing inquiries in a timely manner. Review collected by and hosted on G2.com.

Sometimes some labs would stuck, but nothing major really. Review collected by and hosted on G2.com.

SecureFlag is very effective at providing the Secure Coding training for our development teams.

As a company we are required to provide this training to all our software developers, and SecureFlag has been the most popular platform within our development teams. We have positive feedback about SecureFlag which compares very favourably with feedback from other secure coding platforms tried before.

There are many things to like about SecureFlag, a couple of these are:

- it is easy for developers to appreciate the relevance and importance of the training

- the ThreatCanvas threat modeling tool is very good indeed

and there are other reasons for appreciating what SecureFlag offer, not least the excellent customer support.

To sum up, we are pleased with secureFlag and value the service it provides. Review collected by and hosted on G2.com.

There is nothing to dislike about SecureFlag.

When we first introduced the training to our development teams there was some feedback about too many notifications, but this was easily reconfigured to a level that they liked. Review collected by and hosted on G2.com.