The table below lists some common product terms and definitions you'll find used within the Secure Code Warrior® learning platform.
A challenge is defined as a piece of vulnerable code presented as one (1) secure solution and three (3) insecure solutions.
A category is a grouping of similar vulnerabilities separated into application type, web, and mobile.
Examples are; Injection Flaws, Authentication, Session Handling, Cross-Site Request Forgery, Insecure Cryptography, Sensitive Data Storage, Access Control, Memory Corruption, Insufficient Transport Layer Protection, Information Exposure, etc.
An attempt is an effort to complete a stage within a challenge. More details here
A challenge can be played at different Stages. Challenge Stages are:
Stages can be combined as:
There are four (4) Playing Modes within the platform:
Walkthrough activity guides the developer step-by-step on how vulnerabilities manifest in real-world applications, providing context and helping developers experience the impact of vulnerable code.
Mission activity is for developers, with security ambitions, to practice their offensive skills, in an immersive simulation where they can experience the impact of poor coding practices
|Top 10 Ready||
A language or framework that has at least three (3) Training Challenges for each OWASP category.
|Secure Code Warrior® Labs||
Labs are where our more courageous warriors can play around with early releases of some of our new and exciting features and offer feedback directly to the team who developed them.
Note: Labs is an optional experience and Secure Code Warrior® makes no commitment that this feature will be incorporated into the platform as is, or at all. New features may or may not be available under the current subscription terms.