Menu

    July 2025

    Avatar
    Secure Code Warrior Elves
    • Updated
    Follow

     

    Cybermon 2025: The Age of AI 

    Cybermon starts 6 October 2025 

    Highly anticipated Cybermon campaign is back for 2025, starting 6 October 2025. All new content & characters, exclusive content and prizes await. Check out the Cybermon page for all details.

     

    Quests 

    NIST and NIS2 Objectives 

    We’ve expanded the standards-based objectives in Quests by adding NIST and NIS2. You can now set NIST or NIS2 as an objective when creating a Quest.

    • NIST (Executive Order 14028)
      • Based on guidance from the National Institute of Standards and Technology (NIST), as directed by Executive Order 14028 on Improving the Nation’s Cybersecurity
    • NIS2
      • This NIS2 training course covers practical topics such as supply chain security, cryptography, encryption, and multi-factor authentication. It also touches on essential requirements like network security, risk management, incident handling, and vulnerability management requirements

     

     Additional Security Concepts 

    We’ve expanded the content available in Quests by adding more security concepts, offering a broader range to choose from.

    • Secure Implementation of Docker
    • Secure Implementation of Kubernetes
    • OWASP TOP 10 CI/CD (Github Actions)
    • OWASP TOP 10 CI/CD (Jenkins Declarative)
    • OWASP TOP 10 CI/CD (Jenkins Scripted)

     

    Language selection now only affects Quests, not Learn 

    We’ve simplified how learners access courses in Learn by removing the need to select languages on the My Quests page. Now, all language-specific courses are visible and accessible directly in Learn, with the ability to search and filter, just like in Explore.
     

    What’s New?
    • Language selection on the My Quests page now only affects Quests
    • The Learn page now shows all language-specific courses by default
    • Learners can search and filter in Learn, similar to Explore

     

    Assign by tags

    We’ve made it easier to assign Quests by introducing tags, a flexible way to target training. Tags let you assign Quests to specific cohorts, even if those learners span multiple teams.

     
    What’s New?
    • New Quests assignment option of tags
    • Select one or multiple tags to assign to a Quest

     

    User management

    Filter by multiple emails

    You can now filter the entire user list by copy-pasting multiple emails.


    Simply copy paste all emails into new "Email" filter, and the user management list will be filtered to target users. Select all and perform bulk actions to enable/disable, move teams or change tags.

     

    Explore

    New AI Content Toggle

    Learners can now easily discover AI-related content in Explore using a new toggle. When switched on it instantly shows all content related to AI.

     

    Trust Agent

    Policy Gating

    Apply secure coding proficiency directly at the commit level. This feature allows you to set and apply minimum standards for developers contributing to your business-critical repositories, proactively preventing insecure code from entering your codebase. These configurable policy gates can be applied to any CI pipeline, providing next level governance for business-critical applications and those requiring specific compliance measures, including PCI-DSS.

     

    Quests Configurable in Trust Agent Policy

    Leverage Quest completion as a requirement for high trust commits in Trust Agent. This update brings the latest Secure Code Warrior learning path into scope for your custom Trust Agent policy, ensuring recognition of diverse learning efforts.

     

    Autodiscovery for Azure DevOps Repos

    To streamline your setup, Trust Agent now supports automatic repository discovery for Azure DevOps Repos, making it faster and easier to onboard and manage your repositories for broader security coverage.
     

    Metrics

    Upload CSV for Vulnerability ROI insights

    Securely upload CSV files containing your real-world application security findings to overlay this data with SCW learning insights to produce an ROI report showing the impact of training efforts. 

    Review CSV requirements here.

     

    Detailed export for Learner view

    You can now export all activities for a single user. Simply click on a user in any report, then choose "Export all activities" option to download a CSV with all activities this user has completed on the platform.

    Related articles

    Comments

    0 comments

    Please sign in to leave a comment.