- Brand-new help menu to instantly access 24x7 knowledgebase, request support and keep up-to-date with the latest news and advice from Secure Code Warrior.
- All new languages C#(NET):API and Java:Servlets (Jackson) are Top 10 Ready. C#(NET):API is our first API only language and Jackson is a popular and efficient java based library to serialize or map java objects to JSON and vice versa.
- New and improved Direct Linking Content Mappings against CWE, OWASP and VRT (Vulnerability Rating Taxonomy), plus improved statistics to track leads being generated by our Partner Integrations.
- 5x new videos cover web vulnerabilities and 2x specifically for API vulnerabilities covering: Improper Assets Management and Mass Assignment.
- Added preferred development language:framework(s) to account profiles for a more tailored gamified learning experience.
- API now supports team management level role Reporting and Admin keys for better data segregation across an organisation.
- More than 300 challenges for C#:MVC (▲70) – that's over 15hrs of playing time!
- Mixed Tournament Ready for GO (▲23), and Scala:Play (▲21).
- Certified ISO27001 for information security management.
- API Version 2: Streamline user management, and save time by programmatically managing users and building management reports with new reporting metrics and better filtering. Ability to programmatically assign users to assessments now also available.
- 6x New video learning resources for web vulnerabilities covering: Authentication/Improper Authentication, Authentication/Insecure Password Change Function, Authentication/Insecure Password Reset Function, Authentication/Insufficient Anti-Automation, Security Misconfiguration/Disabled Security Features, Lack of Resources and Rate Limiting.
- New Challenges for Swift (▲33), Python:Django(▲29), C (▲28), GO (▲8), JavaSript:Node.js (▲8), Java EE - JSP (▲6), C# Web Forms (▲4), C# MVC (▲4) and Java:Spring (▲2).
- Updated brand and messaging for email templates.
- Fixed issue preventing the generation of PDF Certificates for Assessments.
- 6x New video learning resources for web vulnerabilities covering: Insufficient Logging, Information Exposure - Sensitive Data Exposure, Cross-Site-Scripting - DOM-Based XSS, Authentication, Server-Side Request Forgery and Insecure Cryptography - Exposed Keys.
- New Challenges for Ruby:Rails (▲62), C# Web forms (▲15), Java:Spring (▲6), Java EE: JSP (▲7), and C (▲4).
- Replaced 12 vulnerability categories across Mobile (8) and Web(4) video learning resources with 25 finer-grained vulnerability sub-category resources for a more focused learning experience.
- Prevent Players from enrolling in superseded Assessments.
- Added new email deliverability status for Company Administrators and Team Managers to see if an email has bounced.
- Fixed issues when creating Tournaments with C# (.NET) Core.
- Migration to the Future Ready Platform that will deliver a more scalable, higher quality product at velocity.
- New C#.NET CORE language:framework is Top-10 Ready with 40 Challenges.
- Improved Partner Integration for MicroFocus with with increased mappings of vulnerabilities and training content.
- Various back-end performance improvements to deliver a faster first-time login and better player experience.
- Resolved issue of missing Tournament Missions (Quests) when geo-blocked countries had been enabled.
- New challenges elevate Java:AndroidSDK to Gold Status + Mobile Mixed-Tournament Ready (▲51) and Python:Django now has over 170 challenges (▲36).
- Change main navigation menu order to better align user experience with AppSec program rollouts.
- Fixed over 40 bugs for more accurate challenges across available language/frameworks.
- Enhanced monitoring to deliver a better end-user experience by accurately viewing end-user page load times and reporting of application errors.
- Addition capacity and performance for the Secure Code Warrior infrastructure to speed up our overall service.
- Grammatical improvements for our platinum languages including; Python Django, NodeJS, C# MVC and Pseudocode.
- New Challenges now available for many of our supported languages and frameworks including C with more than 100 challenges and GO with over 130+.
- Aligned training points calculation between UI display and report, CSV export and REST API. No underlying data was changed or altered.
- New "Last Nudged" timestamp has been added to better manage team communications and improve engagement.
- Mobile Languages are now available to be played in Mixed Tournaments.
- Grammatical errors have been fixed in Java Springs.
- Removed videos from categories were irrelevant to prevent points penalty when using hints.
- Fixed missing API timestamps for invitations and registration reports.
- Grammatical errors have been fixed for Java EE (JSP) and C++
- Training ground improvements for Scala Play and Python Django.
- Fixed sound issues in Web App Security 101.
- Load Monitoring enabled to deliver a more secure and scalable platform.
- Logging API operations enabled to increase platform security.