April 9th, 2024
Lesson Re-Assignment π¨
We've introduced support for Admins to require learners to re-take previously completed lessons as part of their path or quest and maintain the previous reporting data. To learn more about lesson re-assignment check out this article.
April 6th, 2024
UI Improvements πͺ
This weekend, our Content team updated all our Recommended Advanced paths by adding the word "Advanced" to the name. Previously, they would only show the language and/or technology. We hope this makes finding the right content for your learners even easier!
β
February 28-29th, 2024
New Assignments Feature & Content Type π
Assignments Table
This week, we released the Admin's Assignments Table. This new view provides Training Admins with better visibility of their active training assignments. The Assignments table displays:
Your assignments by name
If they are currently active
Due date (if applicable)
Number of users by status (Complete, In Progress or Not Started)
Percentage of users by status (Complete, In Progress or Not Started)
Coding Challenges
We've also added a new lesson type to the Security Journey Platform. They are called "Coding Challenges." This lesson type can be added to path or tournaments. These are hands-on and are within an integrated development environment. These are language specific.
β
February 23rd, 2024
New Hands-On Only Topic Based Paths π
Our content team has been laser focused on creating differentiated learning paths to meet your specific learning needs. This time, we've expanded our topic based paths. You can now find 11 new paths covering various security topics using existing hands-on (Break/Fix) lessons:
Authentication (Break/Fix)
Authorization (Break/Fix)
Cross-site Scripting (XSS) (Break/Fix)
Docker Security (Break/Fix)
Encryption Basics (Break/Fix)
Injection Attacks (Break/Fix)
NoSQL Security (Break/Fix)
OAuth (Break/Fix)
Secure Password Management (Break/Fix)
Server-side Request Forgery (SSRF) (Break/Fix)
SQL Security (Break/Fix)
These will live under More > Admin > Paths & Quests > Default Paths > Hands-on.
February 20th, 2024
New Hand-On Only Role Based Paths π
Today, our Content team rolled out role-based, hands-on paths. You can find these by navigating to More > Admin > Paths & Quests > Default Paths > Hands-on:
AppSeC Professional
Foundational: AppSec Professional (Break/Fix)
Intermediate: AppSec Professional (Break/Fix)
Advanced: AppSec Professional (Break/Fix)
Web Developer
Foundational: Web Developer (Break/Fix)
Intermediate: Web Developer (Break/Fix)
February 16th, 2024
New Recommended Role Based & Break/Fix Paths π
Our Content Team rolled out two new Break/Fix paths. These mirror existing courses on our legacy HackEDU site. These paths will show up in the Admin Path Ul and you can find them by going to More > Admin > Paths & Quests > Default Paths > Recommended > Break/Fix:
HackEDU: Credential Reuse
HackEDU: Cryptography
We also released two new paths for Web Developers. These paths will show up in the Admin Path UI and you can find them by going to More > Admin > Paths & Quests > Default Paths > Hands-on:
Foundational: Web Developer (Break/Fix)
Intermediate: Web Developer (Break/Fix)
February 8th, 2024
New Admin Feature π
We've added a toggle for learner attribute (first name, last name etc.) editing that will allow learners to edit their user profile. If enabled, they'll be able to edit these attributes even if SSO or SCIM are enabled.
βKeep in mind, syncs from your IdP or SCIM API will still override manually entered attributes.
January 25th, 2024
New Features & Language Support π
It was a big week for new features at Security Journey!
SCIM
You can now automatically create, update, and archive users directly from your identity provider (IdP) using SCIM. First name, Last Name and Email Address are the only user properties supported at this time. To learn more check out this collection of articles.
Break/Fix Task List
Created in response to customer feedback that instructional text was too long.
Enables learners to complete the lesson leveraging just the tasks list.
Break/Fix only
Starting with:
OWASP Top 10 2021
OWASP API Top 10 2023
Assignment by Learner Attribute
This functionality allows admins the ability to assign content and report on the assignment by learner attributes.
You can see the 10 new options in Assignment Selection filters in the Assignment UI
Additional Language Support
Our content team added Ruby to 8 more of our Break/Fix lessons:
Encoding (Cryptography)
Encryption (Cryptography)
Hashing (Cryptography)
Account Lockout (Credential Reuse)
CAPTCHA (Credential Reuse)
Persistant Cookies (Credential Reuse)
Device Fingerprinting (Credential Reuse)
Encoding, Hashing and Encryption (Credential Reuse)
January 18th, 2024
Content Improvements πͺ
We continue expand our language support for our Break/Fix Lessons:
Security Misconfiguration now supports Ruby
Unsafe Consumption of APIs is available for C++
Unrestricted Access to Sensitive Business Flows is now available for Rust, Perl, C and C++
January 4th, 2024
Platform Updates & New Features π¨
We have several new features that were rolled out this week!
β
Duration Based Assignments
We now allow you to specify how many days a learner has to complete an assignment vs. only being able to choose a strict start/end date.
β
Restricted Paths
You now have the ability to "restrict" a path to an assignment. This means that a path would only be visible to a learner if it was assigned to them. If restricted, the enabled path will not show up in the map or list view as an available option when choosing a path. For more information check out this article.
β
User Properties in Reporting
We've gone ahead and updated the Platform reports to include ALL available user properties as filters. This applies to properties created via SSO and to customers who manually added user properties in their user profile.