All Collections
Security Journey Release Notes
What's New at Security Journey πŸŽ‰
What's New at Security Journey πŸŽ‰

All our recent updates - from new features, content & enhancements!

Rachel Yonan avatar
Written by Rachel Yonan
Updated over a week ago

May 22nd, 2024

New Feature & Improvements πŸ’ͺ

UI Modernization

As part of our Platform modernization efforts, you may have noticed that we made some UI updates:

  1. We've made the corners of components in the platform more square

  2. We've changed the UI font

  3. The "In-progress" icon color was updated from brown to purple

Banner Controls

Admins now have the ability to delete Platform banners at will. Previously, you would've needed to push a new banner or submit a request to Support to have it removed.


May 14th, 2024

Path & Quests UI Update πŸ’ͺ

We've rolled out an update to the Path & Quests UI this week to help streamline finding the paths most appropriate for your learners. We've renamed Default to Recommended Paths. Additionally, we've updated the menu option names and they are now organized by type of content:

  • Video and Hands-On

  • Hands-On Only

  • Activities

We've also cleaned up your Custom Path menu, now all custom paths will show up under "My Paths" instead of organized by type of content.


May 10th, 2024

New Feature & Improvements πŸ’ͺ

Copy Button Added to Break/Fix Lessons

In our HackEDU Break/Fix lessons, we ask learners to copy & paste code snippets from the lesson into the sandbox but we didn't provide a way to easily copy the code. Now, learners have a copy button to allow them to seamlessly add the code snippets to their code editor!

Tournament Improvements

  • The dropdown filters in our Tournament filters have now been alphabetized

  • The default text for the Tournament Summary has been updated and the field is now able to be edited

  • Admins can also add learners to a Tournament after it's been started

Assignment Progress Report UI Improvements

  • The Assignment Progress Report now has filters (mirrors the functionality seen in the Progress report UI)

  • The Assignment Progress Report is now able to be downloaded from Assignment Progress UI (Previously, you had to navigate to the Admin > Reporting page to download this report)


May 3rd, 2024

New OWASP Alternative Path πŸŽ‰

You asked and we delivered! Our new HackEDU: OWASP Top Ten | Alt 1 path delivers comprehensive lessons aimed at deepening developers' understanding of critical security principles. This can be used alongside the original HackEDU: OWASP Top Ten path or as the next step in their learning journey. This path introduces alternative lessons that address new Common Weakness Enumerations (such as use of hard coded credentials, overreliance on cookies, authentication bypass by spoofing and others) and offers innovative solutions to strengthen applications against potential attackers.

To learn more, check out our Help Desk article.


April 9th, 2024

Lesson Re-Assignment 🚨

We've introduced support for Admins to require learners to re-take previously completed lessons as part of their path or quest and maintain the previous reporting data. To learn more about lesson re-assignment check out this article.


April 6th, 2024

UI Improvements πŸ’ͺ

This weekend, our Content team updated all our Recommended Advanced paths by adding the word "Advanced" to the name. Previously, they would only show the language and/or technology. We hope this makes finding the right content for your learners even easier!
​


February 28-29th, 2024

New Assignments Feature & Content Type πŸŽ‰

Assignments Table

This week, we released the Admin's Assignments Table. This new view provides Training Admins with better visibility of their active training assignments. The Assignments table displays:

  • Your assignments by name

  • If they are currently active

  • Due date (if applicable)

  • Number of users by status (Complete, In Progress or Not Started)

  • Percentage of users by status (Complete, In Progress or Not Started)

Coding Challenges

We've also added a new lesson type to the Security Journey Platform. They are called "Coding Challenges." This lesson type can be added to path or tournaments. These are hands-on and are within an integrated development environment. These are language specific.
​


February 23rd, 2024

New Hands-On Only Topic Based Paths πŸŽ‰

Our content team has been laser focused on creating differentiated learning paths to meet your specific learning needs. This time, we've expanded our topic based paths. You can now find 11 new paths covering various security topics using existing hands-on (Break/Fix) lessons:

  1. Authentication (Break/Fix)

  2. Authorization (Break/Fix)

  3. Cross-site Scripting (XSS) (Break/Fix)

  4. Docker Security (Break/Fix)

  5. Encryption Basics (Break/Fix)

  6. Injection Attacks (Break/Fix)

  7. NoSQL Security (Break/Fix)

  8. OAuth (Break/Fix)

  9. Secure Password Management (Break/Fix)

  10. Server-side Request Forgery (SSRF) (Break/Fix)

  11. SQL Security (Break/Fix)

These will live under More > Admin > Paths & Quests > Default Paths > Hands-on.


February 20th, 2024

New Hand-On Only Role Based Paths πŸŽ‰

Today, our Content team rolled out role-based, hands-on paths. You can find these by navigating to More > Admin > Paths & Quests > Default Paths > Hands-on:

AppSeC Professional

  • Foundational: AppSec Professional (Break/Fix)

  • Intermediate: AppSec Professional (Break/Fix)

  • Advanced: AppSec Professional (Break/Fix)

Web Developer

  • Foundational: Web Developer (Break/Fix)

  • Intermediate: Web Developer (Break/Fix)


February 16th, 2024

New Recommended Role Based & Break/Fix Paths πŸŽ‰

Our Content Team rolled out two new Break/Fix paths. These mirror existing courses on our legacy HackEDU site. These paths will show up in the Admin Path Ul and you can find them by going to More > Admin > Paths & Quests > Default Paths > Recommended > Break/Fix:

  • HackEDU: Credential Reuse

  • HackEDU: Cryptography

We also released two new paths for Web Developers. These paths will show up in the Admin Path UI and you can find them by going to More > Admin > Paths & Quests > Default Paths > Hands-on:

  • Foundational: Web Developer (Break/Fix)

  • Intermediate: Web Developer (Break/Fix)


February 8th, 2024

New Admin Feature πŸŽ‰

We've added a toggle for learner attribute (first name, last name etc.) editing that will allow learners to edit their user profile. If enabled, they'll be able to edit these attributes even if SSO or SCIM are enabled.


​Keep in mind, syncs from your IdP or SCIM API will still override manually entered attributes.


January 25th, 2024

New Features & Language Support πŸŽ‰

It was a big week for new features at Security Journey!


SCIM

You can now automatically create, update, and archive users directly from your identity provider (IdP) using SCIM. First name, Last Name and Email Address are the only user properties supported at this time. To learn more check out this collection of articles.

Break/Fix Task List

  • Created in response to customer feedback that instructional text was too long.

  • Enables learners to complete the lesson leveraging just the tasks list.

  • Break/Fix only

  • Starting with:

    • OWASP Top 10 2021

    • OWASP API Top 10 2023

Assignment by Learner Attribute

  • This functionality allows admins the ability to assign content and report on the assignment by learner attributes.

  • You can see the 10 new options in Assignment Selection filters in the Assignment UI

Additional Language Support

Our content team added Ruby to 8 more of our Break/Fix lessons:

  • Encoding (Cryptography)

  • Encryption (Cryptography)

  • Hashing (Cryptography)

  • Account Lockout (Credential Reuse)

  • CAPTCHA (Credential Reuse)

  • Persistant Cookies (Credential Reuse)

  • Device Fingerprinting (Credential Reuse)

  • Encoding, Hashing and Encryption (Credential Reuse)


January 18th, 2024

Content Improvements πŸ’ͺ

We continue expand our language support for our Break/Fix Lessons:

  • Security Misconfiguration now supports Ruby

  • Unsafe Consumption of APIs is available for C++

  • Unrestricted Access to Sensitive Business Flows is now available for Rust, Perl, C and C++


January 4th, 2024

Platform Updates & New Features 🚨

We have several new features that were rolled out this week!
​

Duration Based Assignments

We now allow you to specify how many days a learner has to complete an assignment vs. only being able to choose a strict start/end date.
​

Restricted Paths

You now have the ability to "restrict" a path to an assignment. This means that a path would only be visible to a learner if it was assigned to them. If restricted, the enabled path will not show up in the map or list view as an available option when choosing a path. For more information check out this article.
​

User Properties in Reporting

We've gone ahead and updated the Platform reports to include ALL available user properties as filters. This applies to properties created via SSO and to customers who manually added user properties in their user profile.

Did this answer your question?