Super App Takes AppSec Training to the Next Level

‍

About the client

A leading super app in Southeast Asia, serving millions of users with services like ride-hailing, food delivery, and financial services, needed to equip its security team with top-tier application security (AppSec) training. Their existing training solutions fell short with their generic content and failed to address the diverse needs of the security team, who were subject matter experts advising multiple teams across various technologies.

‍

Disparate and insufficient training

The company’s previous training programs fell short of meeting their diverse training needs because they were focused primarily on generic principles and lacked hands-on experience. 

‍

Challenges with previous training included: 

• Inconsistent labs: Frequent lab failures during training hampered the learning experience.
• Limited scope: Training is often focused solely on secure coding remediation without providing context on attacks and their impact. 
• Cloud security roadblocks: The requirement for personal cloud accounts and associated costs created barriers to effective cloud security training.

‍

AppSecEngineer Training as the solution

AppSecEngineer stepped in to provide the super app with an effective training solution. With over 250 courses covering a wide range of AppSec topics, AppSecEngineer provided the security team with the ability to choose courses across multiple topics which was relevant to their roles as Security SMEs.

• Reliable, scalable labs: Each user receives their own easily accessible lab environment to eliminate inconsistencies and guarantee a smooth learning experience.
• Diverse content library: AppSecEngineer’s comprehensive training on a wide range of topics, from AppSec essentials to DevSecOps to Cloud security across all three major providers, Kubernetes, containers, and threat modeling
• Micro-learning approach: Courses that are focused on specific skills that let the team choose the training most relevant to their roles. 
• Integrated cloud sandboxes: AppSecEngineer’s cloud accounts for training purposes to get rid of the need for personal accounts and costs. 
• Continuously updated content: A steady stream of new material to keep users engaged and guarantee their skills remain current.

‍

With AppSecEngineer, the security team of this super app gained access to a robust and flexible training platform that addressed their specific needs and challenges. Our user-friendly interface and diverse content library also provided analytics that will allow them to make data-driven decisions based on their team’s performance to enhance their AppSec knowledge and skills effectively. 

‍

The Impact

AppSecEngineer's training platform has empowered the super app’s security team to:

• Enhance their skills across a wide range of AppSec topics
• Stay up to date with the latest AppSec techniques
• Effectively support and guide product teams on product security requirements

‍

By partnering with AppSecEngineer, this ride hailing, food delivery, and financial services app has significantly strengthened its product security posture. AppSecEngineer's comprehensive training platform has provided their security team with the knowledge and skills they need to protect the company's products and critical customer data.

‍