Every company is different, and training needs vary widely.  You may need to get training done quickly for compliance reasons, or you may be lining HackEDU's training up with a wider effort, in which case these guidelines may not be relevant to you.

But in general, we recommend the following:

  • Keep training to 2-4 lessons a month
  • Spread training out throughout the year
  • Start with the OWASP Top 10
  • Don't include Challenges or "Public Vulnerability" walkthroughs until users have completed at least 5-6 lessons.
Did this answer your question?