NEW

• ‍Released  a public Log4j mission for developers to practice offensive skills. Inside the mission, developers will receive step-by-step guidance to mock-exploit the Log4j vulnerability in a simulated web browser. (CONTENT)
• Added walkthroughs to 6 more existing course templates: (CONTENT)
  • Security Awareness
  • SCW Recommendations
  • PCI-DSS
  • Program Certification Level 1
  • Program Certification Level 2
  • NIST_EO_14028
• Added 12 more walkthroughs (in total 26) to better align with OWASP Top 10 2021. Program managers can now build a comprehensive OWASP Top 10 2021 course with 1 walkthrough for each high-prevalence, high-impact subcategories. (CONTENT)
• Added 10 more challenges to Java:Spring for support of OWASP Top 10 2021 (529 challenges). (CONTENT)

IMPROVEMENTS

• Updated all Certification Program courses templates with the latest OWASP Top 10 2021. (CONTENT)
• Improved the support for deprecated content in courses and assessments, preventing confusion among developers. Before this update, the existing courses or assessments with deprecated content would use random challenges to fill in the gap, which led to confusion. From now on, developers can continue to assess the deprecated challenges instead of random ones, along with a warning explaining that these are outdated content. (CONTENT)