SafeStack Seminars are an easy way to engage your application security champions on a regular basis. With seminars, your team can keep updated with new threats and secure development best practices in our interactive sessions with expert coaches.

More than 30 seminars have occurred since SafeStack was launched, covering a wide range of topics, including threat modeling, AI, DevOps, SAST and so on. Every topic is sourced from our community and customer suggestions, so they are guaranteed to be timely, relevant, and focused on current and emerging secure development best practices.

A feature requested by many customers is the ability to add seminars into learning paths, allowing security champions to craft outcome focused training programs, along with high quality, interactive, bite-sized training for specific topics covered in our seminars.

From today, all our past seminars are available as courses on the platform! They can be added to learning paths, just like any other course. Further, reports will indicate whether a learner has completed watching a seminar or not, from this point onwards, providing much more visibility about seminar related training to group leaders.

We will continue to host live seminars based on customer suggestions and our roadmap. You will still be able to register for live seminar sessions from the platform. Once a live seminar has finished, it will be available as a course on the platform, so that your team can watch it at a later date.

Our support team is available via email at [email protected] to answer any questions you may have about this change.

Summary

In order to provide a more streamlined login experience for our users, SafeStack will update its authentication domain name from learn-safestack-io.au.auth0.com to auth.learn.safestack.io on February 10, 2024 (Saturday) as part of scheduled maintenance of its authentication systems.

If you use Single Sign On to log into SafeStack, you may need to make minor changes in the SafeStack client configuration set up with your identity provider. These changes are outlined below.

How does this affect you?

Your login experience will be similar to what it is now, this is simply an update of the domain name that we use for our authentication system. Your existing credentials to log into SafeStack will continue to work as they do now and there will be no change to your training data in SafeStack.

If Single Sign On has not been configured for your organization

After you enter your email address on the login page, instead of being redirected to https://learn-safestack-io.au.auth0.com/ you will be redirected to https://auth.learn.safestack.io/.

If you use a password manager to save your credentials, you may need to find your existing credentials to log into SafeStack by searching for safestack in your password manager. Upon successful login, your password manager may prompt you to add or update your SafeStack credentials (since the authentication website URL will be different).

Our forgot password functionality will continue to work, in case you need to reset your password.

If Single Sign On has been configured for your organization

You may need to update the Redirect URI’s configured for use with the SafeStack client in your identity provider (IdP). Before February 9 2024, both the following redirect URI’s must exist in your configuration:

1. https://learn-safestack-io.au.auth0.com/login/callback

2. https://auth.learn.safestack.io/login/callback

You can make these changes right away without affecting your organization’s access to SafeStack.

Azure AD / Entra ID

If you use Azure AD / Entra ID as your IdP, the redirect URI’s can be configured as per Step 1.8 here

Google Workspace

If you use Google Workspace as your IdP, the redirect URI’s can be configured as per Step 1.6 here

Okta

If you use Okta as your IdP, the redirect URI’s can be configured as per Step 4 here

Once this configuration is in place, you will be able to log into SafeStack as usual from our login page.

Help and Support

Our support team is available via email at [email protected] for assistance with this change, to answer any questions or if you face any issues.

As learners watch a lesson, SafeStack will track their progress in the background and will mark a lesson as being completed. Occasionally, learners may find that their lesson wasn’t marked as completed depending on external factors such as their network connection. This would mean the learner would have to re-do the lesson or contact our support team for assistance.

We’ve introduced the ability for learners to mark a lesson in the Secure Development program as complete, which group leaders can opt-into from the Organization section under the Settings menu.

Turning this option on will show a Mark as Complete button alongside the player controls when a learner is watching a lesson. Learners are asked to confirm their decision, warning them that their lesson progress will reflect that it was manually completed.

When setting up your Learning Path, you’ve previously been able to add a due date that your learners should have completed their courses. This due date in some instances would show as being a day forward or behind depending on if learners were in a different timezone.

We’ve now added the ability to set the due time that courses should be completed by, and improved how the due date is shown to group leaders and their learners based on their current timezone.

In a move to simplify our subscription structure, we've merged the Enterprise Plan with the Team Plan, creating a more straightforward and cohesive offering, while all features remain available. It’s important to note that this update will not impact our existing customers, except for the actual plan name being changed.

We're thrilled to introduce a brand-new Organization Settings page, designed to streamline your organizational management tasks and configure SafeStack to meet your team’s needs. Access to this page is reserved exclusively for group leaders of customers on our paid Team plan.

Within this page you’ll find a handy new option to ensure that users from your organization, signing up to SafeStack on their own, get added to your existing SafeStack organization, instead of being added to a completely new SafeStack organization.

Note that such users will be invited as Learners into your SafeStack organization and will not occupy any seats, until a Group Leader assigns them to one of our training programs.

To keep your learners on the path to success, we’ll now send out a reminder to those who still have courses to complete. An in-app and email notification will be sent a few days before the due date of their Learning Path, and contain a quick link for them to finish their Learning Path.

Learners can opt-out of email notifications from their Profile page.

SafeStack provides many types of reports to help learners and group leaders track progress of your security training journey.

All our reports now support server side pagination, loading chunks of data as requested by your browser - while you “page” through the reports. This leads to much quicker report generation, especially for some of our larger customers with thousands of learners in their team.

All our reports now also provide enhanced filtering capabilities that help determine exactly how much progress you, or your team, have achieved, across a program, learning path or course.

For group leaders, this helps answer questions like:

• “Who has not yet completed their Secure Development learning path?”

• “How much progress, in % format, has my team, or user X, achieved in the Secure Development learning path?”

• “Which users have completed the Designing Secure Microservice Architectures course, and which users have made some progress in that course?”

For learners, this helps answer questions like

• “What learning paths have I made some progress in?”

• “What courses have I made no progress in?”

Further, your currently selected report filters are now applied automatically whenever you download a report as a CSV file.

We hope that our enhanced reporting functionality helps you track your, or your teams progress, much more easily and are always open to feedback.

We’ve made some usability improvements to our “Badges and Certificates” - now known as “Achievements”.

On the Achievements page, you can now see all the Credly badges that you can earn by completing courses from our Secure Development programme.

The badges you have earned will be colorfully highlighted. You can even click into such a badge and view, accept, verify or share it directly from Credly.

Go ahead and get some badges from our Achievements page!