Monday, August 22, 2016

New Platform Features for August 2016

Another month goes by, another set of new features or improvements we are making. For this month, we have

  1. Improving the "Select the Vulnerability Category" challenges
  2. Administration improvements allowing custom tagging of developers for reporting
  3. Assessment improvements by enabling assessment CSV downloads

More details on these can be found here below.

Select the "Vulnerability Category" improvements 

We have received a lot of feedback from developers on the the "select the vulnerability category" challenges in the platform. Developers found that it was challenging to choose from the long list of vulnerability categories and struggled with identifying the correct terminology for the vulnerability.

To address this, we have changed the structure of the question. Instead of a long list of vulnerability terms to choose from, the developer will be give 4 to 6 options only to choose the correct answer from. This should remove any ambiguity (is this a CSRF problem? Or session management problem? or both?) and make the challenges better to learn about the taxonomy of security vulnerabilities.

Old way to select the vulnerability category from long list of option

New way to select vulnerability category from select number of option

Administration Module - Assigning customer tags to developer for reporting 

Company Administrators can now assign customer Tags to individual developers. Examples could be:
- Country where the developer is located
- Business Unit where the developer resides
- Seniority with the developer group

These tags can be used later as reporting filters. We're modifying the CSV downloads to include these custom tags. 
Tags are assigned to an individual

Assessment Module - Download results of CSV 

We have added a download to CSV function into the platform which allows managers to download the results of all developers for a particular assessments. This will allow managers to carry out further analysis of these results.

To download the results of an assessment for all developers, click into the assessment and click on "Download CSV"

CSV results of assessment

No comments:

Post a Comment