We're here to help

Menu

    How to Create Your Own Course Module

    Avatar
    Secure Code Warrior Elves
    • Updated
    Follow

    In our previous article, How to Create a Course, we briefly touched on creating custom course modules as an option, aside from using pre-configured modules and templates.

    Creating a custom course module can help you focus on specific key weaknesses discovered using our tournaments and assessments, or by using other security tools your company has access to.

    You can also more readily customize the content for certain developer groups as well as define the type of vulnerability or activity types for developers to undertake.

    This article describes how to create a module. 

     

    Note: Creating a module can be done during the course creation, or whilst the course is in a draft or unpublished state.


    Pre-requisites

    When creating or editing course content, select the required language, and click + Add vulnerability module to start building the course module. If you haven't yet created a course, please see the How to Create a Course article.

    Note: New modules will only be added to one language.

    add-module.png

    There are two ways to add a course module;

    • Creating a new module from scratch - This gives finite control over the vulnerability category, sub-category, type of activity, difficulty, playing stage, hints, and unlock conditions.
      (Note: An unlock condition prevents the module from being played until a prerequisite module is completed first. This helps guide the developers through the required learning activities.)

    • Search for a vulnerability module - This makes it easy to select predefined modules for the chosen language.

      Note: This option excludes modules that have already been added.

    select-type.png

     

    Create a New Module From Scratch

    Step 1.

    Enter the name and description for the new module and, if required, add an unlock condition.

    Note: This option will be disabled if no other modules are available.

    Scroll down to the Activities section and click the + button to start adding activities.

    add-custom-module_1_.png 

    Step 2

    Clicking the + button to add an activity will bring up a separate window that gives you the option to choose from three different types of activities:

    • Video - Demonstrates foundational concepts
    • Challenge - Practical code with a choice of interactive playing stages and difficulties. Challenges can be played with hints or no hints. A challenge can also be set up as a checkpoint. Checkpoints are special challenges that are played with no hints and can be used to unlock module content when successfully completed;
    • Custome - An option to add tailor-made messages and or instructions to any Course module

    Courses_activity.png



    Adding a Video

    Select the Video option and then choose a Topic for the video. There are two topics to choose from:

    • Security Foundations
    • Security Vulnerabilities


      mceclip0.png

      Security Foundations       videos can be selected in relation to Application Security Concepts or Web App Security 101. Select a category and then choose the appropriate video you want to add.

      You can also choose a specific security vulnerability to target. Select Security Vulnerabilities as the topic and then select the appropriate category and sub-category.

      mceclip1.png

    Click Apply changes to continue.

     



    Adding a Challenge

    Select the Challenge option. You'll be prompted to choose a vulnerability category, subcategory, and the desired difficulty level.

    Tip: Difficulty is a great way to cater for different levels of experience across your team. 

    Stage(s) allows you to choose how the challenge will be played;

    1. Identify -- Builds awareness in recognizing vulnerabilities and how they work
    2. Locate -- Levels up skills in finding vulnerabilities during code-review
    3. Fix -- Understand how to mitigate and solve the vulnerability
    4. Identify & Fix -- Combines identify and fix
    5. Locate & Fix -- Combines locate and fix

    Lastly, decide whether or not to enable hints. 

    Courses_-_Checkpoints.png

    To Add a Checkpoint, toggle the checkpoint button. Please note that hints are disabled for Checkpoints.


    Once you're ready, click Apply changes to continue.

     

    Adding a Custom Message 

    Select the Custom option. You will be prompted to enter a title and body for your custom message.

    A custom activity can be added at the start, middle, or as the last activity in the course as part of any module. It can also be added to existing modules and course content.

    For example, a course can be created based on a template (e.g. OWASP Top 10) and then modified to add custom activities.

    Tip: Messages can contain hyper-links to supporting documents and videos. This allows company admins or team managers to include links to their own client-hosted proprietary documents and procedures.



    Courses_-_Custom_Messages.png

    Note: Tick the "requires users to confirm they have completed this activity" checkbox for any activity that's mandatory for developers to complete.


    Search for a Vulnerability Module

    Step 1.

    From the Add vulnerability module window, select the Search for a vulnerability module option.

    Search for the desired vulnerability category and choose an option from the results displayed. 

    Note: If a module for your searched vulnerabilities isn't listed, try using the ‘Create a new module from scratch’ option.

    add-predefined-module.png

    Related articles

    Comments

    0 comments

    Please sign in to leave a comment.