Skip to content
Contact us
  • There are no suggestions because the search field is empty.

Hands On Lesson Types Explained

Understand the different hands-on lesson types in Security Journey and how each activity is completed.

Hands-On Lesson Types Explained

Security Journey offers several hands-on lesson formats designed to keep learners engaged and help them practice real-world skills. Each lesson type supports different learning outcomes—whether learners are focused on fixing vulnerable code, writing secure code, or thinking like an attacker.

Hands-On Lesson Types

1) Break/Fix Lessons

Best for: Learning how vulnerabilities work and how to remediate them.

Break/Fix lessons guide learners through two stages:

  1. Break: Learners start as the attacker and exploit a vulnerability to see how it works in practice.

  2. Fix: Learners then switch to the defender role and update the insecure code to mitigate the vulnerability.

Break/Fix lessons are available across multiple languages and frameworks, and learners complete the work in a simple in-browser editor. After making changes, learners can test their fix to confirm the issue is resolved.

2) Coding Challenge

Best for: A deeper, more realistic developer-style experience.

Coding Challenges simulate real development scenarios by giving learners access to the full source code of an application that contains a vulnerability.

Compared to Break/Fix lessons, these challenges provide less step-by-step guidance, encouraging learners to rely more on their code review and problem-solving skills. Once learners remove the vulnerability, they can test their solution to confirm it works.

To learn more check out this article: Coding Challenges

3) CTF Challenge

Best for: Practicing attacker techniques in a realistic environment.

CTF Challenges put learners in the role of the attacker, where they attempt to compromise a vulnerable website using skills they’ve learned.

The goal is typically to exfiltrate a “flag”, which confirms the learner successfully completed the challenge. Difficulty varies, with some challenges designed for more experienced learners.

4) Coding Exercises

Best for: Reinforcing concepts immediately after a lesson through focused, hands-on practice.

Coding Exercises are short, language-specific labs designed to strengthen secure coding skills. These exercises are typically appended to video lessons, giving learners the opportunity to apply what they just learned in a practical context.

In a Coding Exercise, learners:

Review: Examine a snippet of vulnerable code related to the lesson topic.

Remediate: Modify the code to properly address the vulnerability using secure coding best practices.

Coding Exercises focus on targeted skill development within a specific language, helping learners build confidence through repetition and direct application. Like Break/Fix lessons, they are completed in a simple in-browser editor, allowing learners to test their changes and validate their solution.