Customizing Your AppSec Learning Themes (with Examples)

Are you looking for ways to elevate your AppSec training? First, it's essential to keep in mind that not all learners are the same, and everyone has different learning needs and preferences – whether on an organizational level, team level, or employee level.  

A great way to incorporate personalization is by implementing learning themes and paths. Creating guides for your learners to follow can increase engagement, retention, and completion rates.  

At Security Journey, we recommend making the most of our AppSec Education Platform by personalizing your learning themes for your organization. And our team has some fun ideas to customize your training themes!  

Progressive Learning  

Progressive Learning is an educational philosophy emphasizing the importance of learners working through content at their own pace and developing their abilities.

This type of learning environment emphasizes gradual improvement and adaptation over time instead of trying to achieve mastery all at once – you can think of your learners' leveling up' from one skill to another, building on their knowledge, to move forward.  

Here is an example of Progressive Learning Levels:  

• Foundational: This training content will be about what vulnerabilities are 
• Intermediate:  This training content can cover how to spot vulnerabilities within the code  
• Advanced: This training content can teach how to remediate vulnerabilities through a hands-on activity
• Professional: This is where the learner applies their knowledge inside the organization, for example by evaluating security processes; in the professional level, the learner can take action with the knowledge they have gained to have a meaningful impact on the organization  
• Expert: The learner has become a Security Champion and can be an instructor delivering security education sessions, and working as a liaison between security and development

In the example, the training content guides your learner from foundational knowledge to hands-on technical training. This type of learning environment is often less structured and more flexible than traditional educational settings and places a greater emphasis on learner exploration, discovery, and creativity.  

Read More: Benefits of Progressive Learning Paths for AppSec Education 

Using Learning Paths for Learner Engagement 

Using learning paths is a great way to organize your training content while using a progressive learning approach. By arranging your content into paths, your learners can easily be guided through their security training journey while having the flexibility to work at their own pace with content meaningful to their role.

We believe in learning paths so much that we have included extensive learning path capabilities into our AppSec Education Platform to utilize them, including:  

• Pre-Built Learning Paths: Curated by Security Journey application security experts, these learning paths combine lessons to address common application security concepts and issues. Build a foundation of application security knowledge. Then, give developers the tools to recognize and mitigate common threats like those in the OWASP Top 10.
• Customized Learning Paths: With the most flexible approach in the industry, you can customize pre-built learning paths to add or subtract lessons that meet your organization's needs. Build a complete learning path from scratch, choosing from more than 700 available lessons. The options are virtually limitless, giving you the power to deliver the training your way.  
• Training Automation Learning Paths: When you integrate your SAST/DAST tools and bug bounty programs, our platform uses your known vulnerabilities to generate learning paths specific to your organization's needs. Training Automation creates training plans to ensure learners only complete the training they need.  

When your learners complete learning paths, they are rewarded by moving up in steps within the chosen theme and completion certificates. This gamified approach to learning with learner engagement top of mind can foster a culture of learning.   

Customize Level Naming to Fit Your Organizational Culture 

Security Journey’s AppSec Education Platform gives you the ability to customize your theme names. This gives our customers the ability to brand their training and use their own naming conventions for continuity across their organization.  

We asked our Security Journey team what they would name training themes, and we got back some great responses! (Feel free to use these for your program!)  

Let's take a look:  

The Security Journey AppSec Education Platform offers Mountain Climbs, Belts, and Levels:

Mountain Climbs

• Mt. Fuji
• Matterhorn
• Denali
• K2
• Mt. Everest

• White
• Yellow
• Green
• Brown
• Black 

Michael Borton, Chief Financial Officer, suggested Scout Levels: 

• Tenderfoot 
• 2nd Class 
• 1st Class 
• Star 
• Eagle 

John Campbell, Director of Content Engineering, recommended Star Wars Jedi Ranks: 

• Youngling 
• Padawan 
• Knight 
• Master 

Caitlyn Bengele, Sales Enablement Manager, thought Taylor Swift album names would be fun: 

• Lover 
• 1989 
• Red 
• Reputation 
• Midnights 

Dominic Gibbons, Sales Development Representative, thought up adventure levels: 

• Tourer 
• Discoverer 
• Adventurer 
• Explorer 
• Voyager 

Ali Mazzotta, Senior Product Manager, suggested white water rafting classes: 

• Class I 
• Class II 
• Class III 
• Class IV 
• Class V 

Joe Ferrara, CEO, recommended ski and snowboard levels of ability: 

• Green 
• Blue 
• Black 
• Double Black 
• Freeride 

John Ross, Software Engineer, thought that security clearances would be interesting: 

• Unclassified 
• Confidential 
• Secret Security 
• Top Secret Security 
• Sensitive 

Mark Szymanski, Software Engineer, suggested sports rankings: 

• Amateur 
• Rookie 
• Veteran 
• All-Star 
• MVP 

Are You Ready To Level Up? 

If you're ready to give your learners an engaging custom learning experience, you can contact our team today for a custom demo of the Security Journey AppSec Education Platform.