Product

Supported Vulnerabilities

Hyper-relevant framework specific learning is critical to ensure developers know how to defend your code.

Did you know that 85% of all software security exploits are attributed to just 10 known vulnerabilities? These security risks are identified and ranked in the OWASP Top 10.

Secure Code Warrior’s learning content includes over 5,500 challenges and missions covering over 147 different vulnerability types, including the all-important OWASP Top 10, OWASP Mobile Top 10, OWASP API Security Top 10 and CWE/SANS Top 25. Our challenges are continuously revised and updated to include new programming frameworks, as well as new vulnerability types.

We are proud to offer the most comprehensive secure code training, with available challenge content spanning everything from Java, Node.js, C# and React, to legacy languages like COBOL and the ultra-modern GO lang. See our Supported Languages for the full list.

Insufficient Transport Layer Protection (Mobile)
Cross-site Request Forgery
Improper Assets Management
Reverse Engineering
Lack of Resources & Rate Limiting
XML External Entities (XXE)
Mass Assignment
Insecure Data Storage
Sensitive Data Storage
Server-side Request Forgery
Extraneous Functionality
Code Tampering
Client Code Quality
Improper Platform Usage
Lack of Binary Protections
Insufficient Transport Layer Protection
Client Side Injection
Broken Cryptography
Vulnerable Components
Insufficient Logging & Monitoring
Side Channel Vulnerability
Information Exposure
Unintended Data Leakage
Unvalidated Redirects & Forwards
Memory Corruption
Injection Flaws
File Upload Vulnerability
Denial of Service (DoS)
Insecure Authorization
Insecure Authentication
Improper Session Handling
Session Handling
Cross-site Request Forgery
Authentication
Security Misconfiguration
Insecure Cryptography
Business Logic
Cross-Site Scripting (XSS)
Access Control
Mass Assignment
Server-side Request Forgery
Insecure Authorization
Insecure Authentication
Improper Session Handling
Session Handling
Cross-site Request Forgery
Authentication
Access Control
Cross-site Request Forgery
Lack of Resources & Rate Limiting
XML External Entities (XXE)
Unintended Data Leakage
Unvalidated Redirects & Forwards
Memory Corruption
Injection Flaws
File Upload Vulnerability
Denial of Service (DoS)
Cross-Site Scripting (XSS)
Insufficient Transport Layer Protection (Mobile)
Improper Assets Management
Reverse Engineering
Extraneous Functionality
Code Tampering
Client Code Quality
Improper Platform Usage
Lack of Binary Protections
Client Side Injection
Broken Cryptography
Vulnerable Components
Insufficient Logging & Monitoring
Side Channel Vulnerability
Information Exposure
Business Logic
Insecure Data Storage
Sensitive Data Storage
Insufficient Transport Layer Protection
Insecure Cryptography
Security Misconfiguration

Get ahead in your industry.

Talk to us today and make software security an intrinsic part of your development process.

Start Your Free Trial
Sensei Free 21 Day Trial
Book a Demo