Security Journey launches role-based learning paths for application security training
Pittsburgh, PA, October 11, 2023 -- Security Journey, a secure coding training provider, today launched Recommended Learning Paths; new collections of specially chosen lessons specifically designed for individual roles within development and broader software development life cycle (SDLC) teams to improve software security knowledge and achieve compliance requirements.
Application security has become non-negotiable: 2022 saw the highest number of new CVEs to date and 2023 looks set to continue the trend. Today’s development teams are therefore under increasing pressure to balance time-to-market pressures with the need to produce more secure code. Mounting regulatory pressures from the new US National Cybersecurity Strategy adds to these demands, by mandating application developers prioritize security throughout the software development lifecycle.
Faced with this evolving landscape, it can be challenging for training program administrators to determine the best approach for their organization, especially when regulations like PCI DSS demand secure code training for developers that is role specific. This is where Recommended Learning Paths come in. They offer groups of lessons which have been carefully curated by application security experts to improve knowledge, optimize training time, help meet compliance regulations, and respond to post-breach audit recommendations.
Security Journey CEO, Joe Ferrara comments: “The overwhelming customer response to these new training paths is testament to strong market demand. Every organization wants to ensure it is training each role in the development team effectively, with the application security concepts that matter most to them—whether to proactively improve security knowledge or meet compliance requirements. Until now, nothing on the market truly delivered role- or compliance-based training like this. It will ultimately help organizations to produce more secure code, which saves money, builds trust, and drives innovation.”
With Recommended Learning Paths, organizations can:
- Take the guesswork out of choosing lessons to meet unique organizational needs
- Proactively improve development team knowledge
- Easily achieve regulatory compliance
- Respond to post-breach audit recommendations
- Ensure all development roles get targeted lessons to build skills, without wasting valuable time
Today, the Learning Paths come in two varieties, Role-Based and Compliance-Based.
Role-Based Learning Paths have been selected for each of the key roles involved in developing software. Each path has three levels of learning that build progressively: Foundational, Intermediate and Advanced. Each level within a learning path contains 24 or fewer lessons, with learners rewarded with a certificate at the end of each level.
Role-based learning paths ensure the right training is delivered to the right people at the right time, and ensure knowledge and skills are built continuously in stages rather than as a one-off exercise and are available for the following roles:
- Business Learner (Product Management, Project Management, UX)
- Web Developer, Front-End
- Web Developer, Back-End
- Native Developer
- Mobile Developer (iOS)
- Mobile Developer (Android)
- Data Scientist
- QA Tester
- DevSecOps
- Cloud Engineer
Compliance-Based Learning Paths are collections of lessons designed to help learners achieve their compliance goals and go beyond to build advanced AppSec knowledge and skills. Each path contains 24 lessons and is designed to minimize training time. There is only one level in compliance-based paths, after which the learner receives a certificate. Reports can be easily generated to understand and verify completion.
Compliance-based learning paths include:
- OWASP Top 10
- PCI DSS
- White House Executive Order
This new product release also includes a content refresh of 55 video-based lessons in keeping with the company’s commitment to give learners the latest security guidance.