Definitions and Terms used by Secure Code Warrior

A challenge is defined as a piece of vulnerable code presented as one (1) secure solution and three (3) insecure solutions.

A category is a grouping of similar vulnerabilities separated into application type, web, and mobile.

Examples are; Injection Flaws, Authentication, Session Handling, Cross-Site Request Forgery, Insecure Cryptography, Sensitive Data Storage, Access Control, Memory Corruption, Insufficient Transport Layer Protection, Information Exposure, etc.

An attempt is an effort to complete a stage within a challenge. More details here

A challenge can be played at different Stages. Challenge Stages are:

1. Locate - level up skills in finding vulnerabilities during code-review. 
   
2. Identify - build awareness in recognising vulnerabilities and how they work.
3. Fix - understand how to mitigate and solve the vulnerability.

Stages can be combined as:

1. Locate & Fix
2. Identify & Fix

There are four (5) Playing Modes within the platform:

1. Tournament
2. Explore & Training
3. Assessment
   
4. Courses
5. Quests

Walkthrough activity guides the developer step-by-step on how vulnerabilities manifest in real-world applications, providing context and helping developers experience the impact of vulnerable code.

Mission activity is for developers, with security ambitions, to practice their offensive skills, in an immersive simulation where they can experience the impact of poor coding practices

Coding Labs helps developers advance their secure coding skills through hands-on training with intuitive feedback. Developers can advance their secure coding skills in a one-of-a-kind fully powered in-browser IDE

Guidelines provide targeted learning that is tailored to the language/framework of your choice. They guide developers through defensive security strategies to increase knowledge before diving into interactive learning.

A language or framework that has at least three (3) Training Challenges for each OWASP category.

Our more courageous warriors can play around with early releases of some of our new and exciting features and offer feedback directly to the team who developed them.

Note: Preview is an optional experience and Secure Code Warrior® makes no commitment that this feature will be incorporated into the platform as is, or at all. New features may or may not be available under the current subscription terms.