Skip to main content
All CollectionsHackEDU FAQsContent Questions
What lessons are included in the Secure Development Training: 1-Year Plan preset?
What lessons are included in the Secure Development Training: 1-Year Plan preset?
Rachel Yonan avatar
Written by Rachel Yonan
Updated over a week ago

The Secure Development Training: 1-Year plan is our default training plan. It was designed to start your learners with beginner level lessons and as the year progresses move them to moderate and then advanced content.

This training plan preset contains 31 lessons spread out over 12 month-long phases and will cover the basics such as the OWASP Top 10 and well known public vulnerabilities. With no more then 1-3 lessons per month, your learners will be able to build a strong foundational knowledge of secure coding principles and best-practices.

The one-year plan contains the following lessons.

Month #


SQL Injection: Part 1

Command Injection

Reflected Cross-Site Scripting (XSS)


Identification and Authentication Failures

Broken Access Control

Security Misconfiguration


Cryptographic Failures

Security Logging and Monitoring Failures

Vulnerable and Outdated Components


XML External Entities (XXE)

Software and Data Integrity Failures

Cross-Site Request Forgery (CSRF)


Capital One: Part 1

Capital One: Part 2

Capital One: Part 3


Excessive Data Exposure

Broken Function Level Authorization

API Security Misconfiguration

Broken Object Level Authorization


Mass Assignment

Lack of Resources and Rate Limiting

JSON Web Token (JWT) Authentication Security


XSS in Third-Party Integration

SQL Injection: Part 2

Stored Cross-Site Scripting (XSS)


Stack Overflow


Blind XXE

DOM-Based Cross-Site Scripting (XSS)


Remote Code Execution


Apache Struts 2

MySpace "Samy" Worm


Did this answer your question?