All Collections
Security Journey Release Notes
What's New at Security Journey πŸŽ‰
What's New at Security Journey πŸŽ‰

All our recent updates - from new features, content & enhancements!

Rachel Yonan avatar
Written by Rachel Yonan
Updated this week

February 23rd, 2024

New Hands-On Only Topic Based Paths πŸŽ‰

Our content team has been laser focused on creating differentiated learning paths to meet your specific learning needs. This time, we've expanded our topic based paths. You can now find 11 new paths covering various security topics using existing hands-on (Break/Fix) lessons:

  1. Authentication (Break/Fix)

  2. Authorization (Break/Fix)

  3. Cross-site Scripting (XSS) (Break/Fix)

  4. Docker Security (Break/Fix)

  5. Encryption Basics (Break/Fix)

  6. Injection Attacks (Break/Fix)

  7. NoSQL Security (Break/Fix)

  8. OAuth (Break/Fix)

  9. Secure Password Management (Break/Fix)

  10. Server-side Request Forgery (SSRF) (Break/Fix)

  11. SQL Security (Break/Fix)

These will live under More > Admin > Paths & Quests > Default Paths > Hands-on.

February 20th, 2024

New Hand-On Only Role Based Paths πŸŽ‰

Today, our Content team rolled out role-based, hands-on paths. You can find these by navigating to More > Admin > Paths & Quests > Default Paths > Hands-on:

AppSeC Professional

  • Foundational: AppSec Professional (Break/Fix)

  • Intermediate: AppSec Professional (Break/Fix)

  • Advanced: AppSec Professional (Break/Fix)

Web Developer

  • Foundational: Web Developer (Break/Fix)

  • Intermediate: Web Developer (Break/Fix)

February 16th, 2024

New Recommended Role Based & Break/Fix Paths πŸŽ‰

Our Content Team rolled out two new Break/Fix paths. These mirror existing courses on our legacy HackEDU site. These paths will show up in the Admin Path Ul and you can find them by going to More > Admin > Paths & Quests > Default Paths > Recommended > Break/Fix:

  • HackEDU: Credential Reuse

  • HackEDU: Cryptography

We also released two new paths for Web Developers. These paths will show up in the Admin Path UI and you can find them by going to More > Admin > Paths & Quests > Default Paths > Hands-on:

  • Foundational: Web Developer (Break/Fix)

  • Intermediate: Web Developer (Break/Fix)

February 8th, 2024

New Admin Feature πŸŽ‰

We've added a toggle for learner attribute (first name, last name etc.) editing that will allow learners to edit their user profile. If enabled, they'll be able to edit these attributes even if SSO or SCIM are enabled.

​Keep in mind, syncs from your IdP or SCIM API will still override manually entered attributes.

January 25th, 2024

New Features & Language Support πŸŽ‰

It was a big week for new features at Security Journey!


You can now automatically create, update, and archive users directly from your identity provider (IdP) using SCIM. First name, Last Name and Email Address are the only user properties supported at this time. To learn more check out this collection of articles.

Break/Fix Task List

  • Created in response to customer feedback that instructional text was too long.

  • Enables learners to complete the lesson leveraging just the tasks list.

  • Break/Fix only

  • Starting with:

    • OWASP Top 10 2021

    • OWASP API Top 10 2023

Assignment by Learner Attribute

  • This functionality allows admins the ability to assign content and report on the assignment by learner attributes.

  • You can see the 10 new options in Assignment Selection filters in the Assignment UI

Additional Language Support

Our content team added Ruby to 8 more of our Break/Fix lessons:

  • Encoding (Cryptography)

  • Encryption (Cryptography)

  • Hashing (Cryptography)

  • Account Lockout (Credential Reuse)

  • CAPTCHA (Credential Reuse)

  • Persistant Cookies (Credential Reuse)

  • Device Fingerprinting (Credential Reuse)

  • Encoding, Hashing and Encryption (Credential Reuse)

January 18th, 2024

Content Improvements πŸ’ͺ

We continue expand our language support for our Break/Fix Lessons:

  • Security Misconfiguration now supports Ruby

  • Unsafe Consumption of APIs is available for C++

  • Unrestricted Access to Sensitive Business Flows is now available for Rust, Perl, C and C++

January 4th, 2024

Platform Updates & New Features 🚨

We have several new features that were rolled out this week!

Duration Based Assignments

We now allow you to specify how many days a learner has to complete an assignment vs. only being able to choose a strict start/end date.

Restricted Paths

You now have the ability to "restrict" a path to an assignment. This means that a path would only be visible to a learner if it was assigned to them. If restricted, the enabled path will not show up in the map or list view as an available option when choosing a path. For more information check out this article.

User Properties in Reporting

We've gone ahead and updated the Platform reports to include ALL available user properties as filters. This applies to properties created via SSO and to customers who manually added user properties in their user profile.

Did this answer your question?