Which of the following is the act of proving to a customer that software developers are trained on secure coding?

Assurance generally refers to the confidence or guarantee provided regarding a product or service, but it lacks the specific formal documentation that attestation entails. While assurance can indicate that developers are trained, it does not explicitly demonstrate or certify their qualifications, which is the key aspect of attestation.

A contract is a legally binding agreement between parties that outlines the terms and conditions of a service or product. While a contract may include clauses related to secure coding practices, it does not serve to prove or provide evidence of the developers' training or qualifications in that area.

Due diligence refers to the process of conducting thorough research and analysis before entering into an agreement or transaction. While it involves assessing the qualification of developers, it does not constitute formal proof or certification of their training in secure coding practices, which is what attestation provides.