Security Sherpa Logo Transparent

Application Security Training Platform | Security Sherpa

Available on AWS

What is Security Sherpa?

Security Sherpa is a training platform for web and mobile application developers. Sherpa’s learning modules range from beginner to expert level, and vary in penetration testing techniques. The learning modules are designed to help train you on OWASP’s top ten security risks. You can train anywhere from one developer to hundreds of developers at a time using our AWS instances.

What Are The Use Cases For Security Sherpa?

Security Sherpa is a multi-use app-sec training platform. 

Some of the use cases include:

  • Teach web/mobile application security
  • Explore secure playground to practice application security techniques
  • Train developers in web/mobile app pen testing 
  • Demo security risk examples for your team
  • Analyze team pen-testing skills through reporting
  • Introduce competition into your employee training

What Security Risks Are Covered In The Training Modules?

Security Sherpa’s training modules focus on training your team in the security risks that could be the most likely vectors of attack.

Here’s a list of some of the attack vector training modules included in Sherpa:

  • Cross-site scripting
  • Broken authentication and session management
  • SQL injection
  • Sensitive data exposure
  • Security misconfiguration
  • Insecure direct object reference
  • Unvalidated redirects and forwards
  • Cross-site request forgery
  • Missing function level access control
  • Unintended data leakage
  • Insecure data storage
  • Poor data validation
  • Lack of binary protections 
  • Client side injection
  • Broken crypto
  • Poor authentication and authorization 


What Training Modes Can I Use in Sherpa?

Security Sherpa can be used in 3 different modes operated by the administrator. The Admin has the ability to allow or cut off access to different levels that are available to users.

Open Floor Mode

Open Floor Mode allows users to freely access any module that is allowed by the admin. OFM let’s users explore and go at their own pace.

CTF Mode (Capture The Flag)

In CTF mode, users can access one module at a time. Once a module is complete, the user is presented with a more difficult training module. 

Tournament Mode

Tournament mode is ideal for an open application security competition. Modules are available to users from the least difficult to most difficult levels.

How Does Security Sherpa Benefit My Team?

Sherpa stands out from the crowd because it’s scalable, adaptable, and affordable.

Benefits To Users

  • Start your training in modules that match your experience level.
  • Go at your own pace and get real-world experience in a safe environment.
  • Compete against your coworkers or with people around the world in tournament mode.

Benefits To Team Leaders

  • Enjoy the flexibility of adding on users without having to talk to a sales rep or revise a contract.
  • Save time on money on quality assurance costs.
  • Measure your team’s skill level in security risk mitigation.

Benefits To The Bottom Line

  • Only pay for what you use. With Sherpa, you can either pay hourly or annually.
  • Don’t get stuck in an annual contract for application security training.
  •  Training 10 users for 10 hours only costs $4.90. Find out how much Sherpa will cost for your team.

How Do We Stack Up To Other Appsec Training Platforms?

Application Security Training Platform Comparison

Security Sherpa provides flexibility to your AWS stack, and makes Appsec training available to small, mid-sized, and enterprise-level businesses.

Here are a few more examples of how our training platform stands out from the crowd:

  • Compatible with PCI-DSS as well as the FTC’s Safeguards rule.
  • Sherpa has a Zendesk support dashboard with video tutorials and a support ticketing system.
  • Try before you buy with our 14-day free trial.
  • With hourly pricing, you don’t have to waste a single cent of your budget.
  • We are confident that you will be satisfied with Security Sherpa. If you aren’t satisfied, we maintain a 365-day refund policy.


Security Sherpa Logo Transparent

Want to learn more about Sherpa?

We’ll send you our Quick Start Video Guide.

Security Sherpa Logo Transparent

Want to learn more about Sherpa?

We’ll send you our Quick Start Video Guide.

Security Sherpa Logo Transparent

Want to learn more about Sherpa?

We’ll send you our Quick Start Video Guide.