Application Security Training Platform | Security Sherpa

Available on AWS

What is Security Sherpa?

Security Sherpa is a training platform for web and mobile application developers. Sherpa’s learning modules range from beginner to expert level, and vary in penetration testing techniques. The learning modules are designed to help train you on OWASP’s top ten security risks. You can train anywhere from one developer to hundreds of developers at a time using our AWS instances.

What Are The Use Cases For
Security Sherpa?

Security Sherpa is a multi-use app-sec training platform.

Some of the use cases include:

Teach web/mobile application security
Explore secure playground to practice application security techniques
Train developers in web/mobile app pen testing
Demo security risk examples for your team
Analyze team pen-testing skills through reporting
Introduce competition into your employee training

What Security Risks Are Covered In The Training Modules?

Security Sherpa’s training modules focus on training your team in the security risks that could be the most likely vectors of attack.

Here’s a list of some of the attack vector training modules included in Sherpa:

Cross-site scripting
Broken authentication and session management
SQL injection
Sensitive data exposure
Security misconfiguration
Insecure direct object reference
Unvalidated redirects and forwards
Cross-site request forgery

Missing function level access control
Unintended data leakage
Insecure data storage
Poor data validation
Lack of binary protections
Client side injection
Broken crypto
Poor authentication and authorization

What Security Risks Are Covered In The Training Modules?

Security Sherpa can be used in 3 different modes operated by the administrator. The Admin has the ability to allow or cut off access to different levels that are available to users.

Open Floor Mode

Open Floor Mode allows users to freely access any module that is allowed by the admin. OFM let’s users explore and go at their own pace.

CTF Mode (Capture The Flag)

In CTF mode, users can access one module at a time. Once a module is complete, the user is presented with a more difficult training module.

Tournament Mode

In CTF mode, users can access one module at a time. Once a module is complete, the user is presented with a more difficult training module.

How Does Security Sherpa Benefit My Team?

Sherpa stands out from the crowd because it’s scalable, adaptable, and affordable.

Benefits To Users

Start your training in modules that match your experience level.
Go at your own pace and get real-world experience in a safe environment.
Compete against your coworkers or with people around the world in tournament mode.

Benefits To Team Leaders

Enjoy the flexibility of adding on users without having to talk to a sales rep or revise a contract.
Save time on money on quality assurance costs.
Measure your team’s skill level in security risk mitigation.

Benefits To The Bottom Line

Only pay for what you use. With Sherpa, you can either pay hourly or annually.
Don’t get stuck in an annual contract for application security training.
Training 10 users for 10 hours only costs $4.90. Find out how much Sherpa will cost for your team.

How Do We Stack Up To Other Appsec Training Platforms?

Security Sherpa provides flexibility to your AWS stack, and makes Appsec training available to small, mid-sized, and enterprise-level businesses.

Here are a few more examples of how our training platform stands out from the crowd:

Compatible with PCI-DSS as well as the FTC’s
Safeguards rule.
Sherpa has a Zendesk support dashboard with video tutorials and a support ticketing system.
Try before you buy with our 14-day free trial.

With hourly pricing, you don’t have to waste a single cent of your budget.
We are confident that you will be satisfied with Security Sherpa. If you aren’t satisfied, we maintain a 365-day refund policy.

Application Security Training Platform | Security Sherpa

Available on AWS

What is Security Sherpa?

What Are The Use Cases For
Security Sherpa?

What Security Risks Are Covered In The Training Modules?

Security Sherpa’s training modules focus on training your team in the security risks that could be the most likely vectors of attack.

Here’s a list of some of the attack vector training modules included in Sherpa:

What Security Risks Are Covered In The Training Modules?

Security Sherpa can be used in 3 different modes operated by the administrator. The Admin has the ability to allow or cut off access to different levels that are available to users.

Open Floor Mode

CTF Mode (Capture The Flag)

Tournament Mode

How Does Security Sherpa Benefit My Team?

Benefits To Users

Benefits To Team Leaders

Benefits To The Bottom Line

How Do We Stack Up To Other Appsec Training Platforms?

Security Sherpa provides flexibility to your AWS stack, and makes Appsec training available to small, mid-sized, and enterprise-level businesses.

Here are a few more examples of how our training platform stands out from the crowd: