Skip to content

Contact us

Contact us

How can we help you?

There are no suggestions because the search field is empty.

Help Center
Training Library
Recommended Paths

Security Journey Release Notes
- HackEDU Release Notes
- Security Journey Release Notes
Configuration and Setup
Training Library
Assessments
Assignments
- Setup and Configuration
- Assignment Features
Tournaments
Champion Passport
Reporting
- API
- Reporting FAQs
Customer Support & Feedback
Security Journey FAQs
Learner Resources
Hands-On Break/Fix Lesson Help
HackEDU Platform

July 2, 2025

Recommended Paths: Tester

This article describes our Recommended Tester Paths.

Our Tester Learner Path is designed for individuals who evaluate and test newly developed software applications. This includes roles such as QA, analysts, software testers, and others with similar responsibilities.

Upon completing these learning paths, the Tester Learner will be equipped with the skills necessary to work effectively within the SDLC to identify and resolve vulnerabilities.

Foundational: Tester

Foundational principles of application security for testers. (Video Only)

Total Learning Path Duration: 4 hours 8 minutes

Introduction to Security Journey

Introduction to Security

Core Security Concepts

Threat Landscape

The Hacker Mindset

Social Engineering

Security Culture and Mindset

Security Business Case

Prioritizing Security

Translating Security

Risk Managment for AppSec

Privacy and Customer Data Protection

Dealing with Vulnerabilities

Security at Home

Tips for Secure Remote Work

Knowledge Sources

Threat Landscape: Cloud

IoT Threat Landscape

Secure Development Lifecycle

Intermediate: Tester

In-depth exploration of threat modeling, threats, security controls, and testing tools (Video + Hands On)

Total Learning Path Duration: 4 hours 43 minutes

Six Foundational Truths of Application Security

Security Requirements

Threat Modeling Basics

Threat Modeling Process

Threat Modeling (HackEDU)

Input Validation

Output Encoding

Authentication Theory

Authorization Theory

Logging and Exception Handling

Software Supply Chain

Injection: SQL and Command

Cross Site Request Forgery (CSRF)

Cross-Site Scripting (XSS) | Part 1

Cross-Site Scripting (XSS) | Part 2

Buffer Overflows and Remote Code Execution

Denial of Service (DoS)

Server-Side Request Forgery

Insecure Communication

Static Application Security Testing (SAST)

Static Application Security Testing (SAST) (HackEDU)

Dynamic Application Security Testing (DAST)

Dynamic Application Security Testing (DAST) (HackEDU)

Advanced: Web App Tester

Learn about advanced testing tools, deep dive into web application threats and common application weaknesses, fundamentals of approaching security testing, and leveraging SWSTL. (Video + Hands On)

Total Learning Path Duration: 5 hours 24 minutes

Thinking like a Penetration Tester

Vulnerability Scanning

Next Generation AppSec Tools

Penetration Testing an Bug Bounty

OWASP Top 10 | Part 1

OWASP Top 10 | Part 2

OWASP Top 10 | Part 3

CWE Top 25 | Part 1

CWE Top 25 | Part 2

CWE Top 25 | Part 3

CWE Top 25 | Part 4

Security Testing: Introduction to Web Application Security Testing

Security Testing: Security Testing Truths

Security Testing: Security Testing Techniques

Security Testing: Web Application Penetration Testing Tools

SWSTL: Software Security Testing Lifecycle

SWSTL: Secure Requirements and Threat Modeling for Testers

SWSTL: Building a Security Testing Strategy

SWSTL: Build Tests and Review

SWSTL: Automate Security Tests | Part 1

SWSTL: Automate Security Tests | Part 2

SWSTL: Validating Security Findings and Controls

Security Testing: Client-Side Testing for DOM-XSS

Security Testing: Server-Side Testing for Authentication Bypass

Copyright © 2025, Security Journey