A challenge is defined as a piece of vulnerable code presented as one (1) secure solution and three (3) insecure solutions.

A category is a grouping of similar vulnerabilities separated into application type, web, and mobile.

Examples are; Injection Flaws, Authentication, Session Handling, Cross-Site Request Forgery, Insecure Cryptography, Sensitive Data Storage, Access Control, Memory Corruption, Insufficient Transport Layer Protection, Information Exposure, etc.

An attempt is an effort to complete a stage within a challenge. More details here

A challenge can be played at different Stages. Challenge Stages are:

1. Locate - level up skills in finding vulnerabilities during code-review. 
   
2. Identify - build awareness in recognising vulnerabilities and how they work.
3. Fix - understand how to mitigate and solve the vulnerability.

Stages can be combined as:

1. Locate & Fix
2. Identify & Fix

There are three (3) Playing Modes within the platform:

1. Tournament
2. Training
3. Assessment
   

Walkthrough activity guides the developer step-by-step on how vulnerabilities manifest in real-world applications, providing context and helping developers experience the impact of vulnerable code.

Mission activity is for developers, with security ambitions, to practice their offensive skills, in an immersive simulation where they can experience the impact of poor coding practices

A language or framework that has at least three (3) Training Challenges for each OWASP category.

Labs are where our more courageous warriors can play around with early releases of some of our new and exciting features and offer feedback directly to the team who developed them.

Note: Labs is an optional experience and Secure Code Warrior® makes no commitment that this feature will be incorporated into the platform as is, or at all. New features may or may not be available under the current subscription terms.