
Recommended Path: Business Learner

This article describes our Recommended Business Learner Paths.

Our Business Learner Paths are designed for individuals involved in software development, such as product managers, UX designers, system admins, and QA engineers to help them support secure development efforts.

The Business Learner training content is organized into three progressive levels:

  • Business Learner Foundational: Introduces the basics of application security, such as the different types of security vulnerabilities, the importance of secure coding practices, and the role of security testing.

  • Business Learner Intermediate: Takes a deeper dive into application security, covering threat modeling, risk assessment, and security controls.

  • Business Learner Advanced: Covers cutting-edge application security topics, such as DevSecOps, secure design, and common weaknesses.

Foundational Business Learner

Video Only | Total Learning Path Duration: 4 hours and 8 minutes

Introduction to Security Journey

Introduction to Security

Core Security Concepts

Attacks

Attackers

Threat Landscape

The Hacker Mindset

Social Engineering

Security Myths

Security Culture and Mindset

Data Breaches

Security Business Case

Prioritizing Security

Translating Security

Risk Management for AppSec

Privacy and Customer Data Protection

Dealing with Vulnerabilities

Security at Home

Tips for Secure Remote Work

OWASP Universe

Knowledge Sources

Threat Landscape: Cloud

IoT Threat Landscape

Secure Development Lifecycle

Intermediate Business Learner

Video Only | Total Learning Path Duration: 4 hours and 40 minutes

Six Foundational Truths of Application Security

Security Requirements

Threat Modeling Basics

Threat Modeling Process

Threat Modeling Examples

Threat Modeling Manifesto

Input Validation

Output Encoding

Authentication Theory

Authorization Theory

Logging and Exception Handling

Cryptography

Software Supply Chain

OWASP Top 10 | Part 1

OWASP Top 10 | Part 2

OWASP Top 10 | Part 3

Injection: SQL and Command

Cross Site Request Forgery (CSRF)

Cross-Site Scripting (XSS) | Part 1

Cross-Site Scripting (XSS) | Part 2

Buffer Overflows and Remote Code Execution

Denial of Service (DoS)

Server-Side Request Forgery

Insecure Communication

Advanced Business Learner

Video Only | Total Learning Path Duration: 4 hours and 57 minutes

AppSec in an Agile World | Part 1

AppSec in an Agile World | Part 2

AppSec in a DevOps World

Security Behaviors for DevOps

CWE Top 25 | Part 1

CWE Top 25 | Part 2

CWE Top 25 | Part 3

CWE Top 25 | Part 4

Static Application Security Testing (SAST)

Dynamic Application Security Testing (DAST)

Vulnerability Scanning

Next Generation AppSec Tools

Penetration Testing and Bug Bounty

Thinking like a Penetration Tester

Intro to Secure Development

Designing a Secure App or Product

Secure Design Principles | Part 1

Secure Design Principles | Part 2

Secure Design Principles in Action: Part 1

Secure Design Principles in Action: Part 2

Intro to Secure Coding

Securing the Development Environment

Protecting your Code Repository

Secure the Release