Every company is different, and training needs vary widely.  You may need to get training done quickly for compliance reasons, or you may be lining HackEDU's training up with a wider effort, in which case these guidelines may not be relevant to you.

But in general, we recommend the following:

  • Keep training to 2-4 lessons a month

  • Spread training out throughout the year

  • Start with the OWASP Top 10

  • Don't include Challenges or "Public Vulnerability" walkthroughs until users have completed at least 5-6 lessons.

Did this answer your question?