Skip to content
Contact us
  • There are no suggestions because the search field is empty.

Security Journey Network Safelisting Requirements

This article contains the domains that may need to be added to your company's firewall, proxy,  mail filter or antivirus allowlist.

Firewall and Proxy Allowlist Recommendations

Domain list last updated: June 6, 2025

Every organization’s network configuration is different. To ensure the Security Journey Platform functions correctly, some domains may need to be allowlisted within your firewall, proxy, or network security tools.

If these domains are blocked, users may experience issues with:

• Platform access
• Interactive labs
• Video playback
• Feature functionality
• Live chat support

The domains below should be accessible to ensure learners can use the platform without interruption.

Domain Allowlist Requirements

Sandbox / Lab Environment

The following domains are required for interactive labs and sandbox environments.

securityjourney.com
*.securityjourney.com
*.sb.my.securityjourney.com
*.hackedu.com

Platform and Video Delivery

These domains support platform functionality and video playback.

securityjourney.com
my.securityjourney.com
vimeo.com
*.vimeocdn.com
*.vimeo.com
*.akamaized.net

Platform Tools

These services support platform feature flags and telemetry.

*.launchdarkly.com
browser-intake-datadoghq.com

Live Chat Support

These domains enable in-platform live chat functionality.

js.usemessages
js.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hubspot.com

Testing Browser Connectivity

Before making any network changes, you can verify whether your network is blocking required domains.

Visit the Security Journey connection test page:

https://my.securityjourney.com/test-connection

This page checks connectivity to the domains required for the platform to function correctly.

Troubleshooting Connectivity Issues

Step 1 — Verify Domain Connectivity

Open the following page in your browser:

https://my.securityjourney.com/test-connection

If any domains fail to connect, work with your IT or network team to allow access before continuing troubleshooting.

Step 2 — Check Packet or SSL Inspection

If all domains connect successfully but lesson functionality still fails, verify that your security tools are not performing deep packet inspection or SSL inspection on platform domains.

Some VPN and firewall solutions inspect encrypted traffic inside VPN tunnels. For example, GlobalProtect gateways may inspect packets within encrypted connections to enforce security policies.

This inspection can interfere with:

• HTTP streaming
• WebSocket connections
• Interactive lab environments

If your browser shows errors on a URL similar to:

my.securityjourney.com/.../stream

packet or SSL inspection is likely interfering with the connection.

Resolution

Exclude the following domain from packet or SSL inspection: my.securityjourney.com

Browser Connectivity Note (IPv6)

Some networks handle IPv6 traffic differently across browsers.

Google Chrome prefers IPv6 when it is available, while other browsers may default to IPv4.

If IPv6 traffic is not properly routed through your organization’s proxy or security controls, Chrome users may experience connectivity issues with interactive labs.

Recommendation

Ensure both IPv4 and IPv6 traffic are allowed and routed consistently for the following domains:

*.sb.my.securityjourney.com
app.sb.my.securityjourney.com

Email Notification Allowlist

Security Journey sends password resets and platform notifications from the following addresses:

no_reply@securityjourney.com
no-reply@securityjourney.com

If your organization uses email filtering or security gateways, you may need to allowlist these addresses to ensure messages are delivered.

 Related Articles