eLearning FAQ's

• Individuals can purchase yearly access to courses
• Groups can purchase group licenses and identify an internal admin who will be able to follow progress and check grades

Client-hosted:

• Available in siteLicense format
• Courses are delivered in a SCORM-compliant ZIP file that can be directly uploaded and deployed in the customer LMS
• Our courses are SCORM-compliant and compatible with most learning management systems

Security Innovation’s eLearning methodology is based on the ADDIE model which is an instructional design process that includes five separate phases:

• Analysis: Instructional goals, objectives and prerequisite knowledge of the course are identified.

• Design: The course’s learning or performance objectives are refined and the course’s instructional, visual and technical design strategy is defined. The outline of the course is created. A high-level design of the learning activities is performed based on learning objectives. The type of each activity is selected to maximize the success of achieving the defined learning objectives. For more information on activity types, please see below.

• Development: Course storyboards are developed. Visual and audio-based activities are specified (animations, videos, simulations, voiceovers, games).

• Implementation: Visual and audio-based activities are created. All course artifacts are integrated into the release candidate.

• Evaluation: The course is tested and refined through a rigorous quality assurance process.

All learning activities included in Security Innovation’s eLearning courses fall in one of the following three categories Absorb, Do and Connect. The aim of this approach is to put the student in action and to elevate learning from passive reading and watching only to active seeking, selecting and experiencing the material with the ultimate aim of creating knowledge and skills. These activities categories are described as follows:

• Absorb activities enable students to obtain crucial, up-to-date information they need to do their jobs or to further their learning. They are activities that require learners to read (text), watch (video), and listen (narration) to absorb the information, e.g.: an animation with voiceover

• Do activities are those aimed at transforming the acquired information into knowledge and skills. Types of “do” activity can include, games, case-studies, quizzes (such as drag and drop, multiple and single choice(s), and matching. Connect activities are designed to have learners link the information provided in the course to their work environment and everyday lives. They usually come in the form of a set of questions aimed at driving the students reflection on how to solve a problem or how it affects their job.

• Connect activities prepare learners to apply learning in situations they encounter at work. Absorb activities are the nouns, do activities the verbs, and connect activities the conjunctions of learning.

Security Innovation uses a team of instructional designers, flash coders and graphics designers working together to maximize knowledge transfer and select the right combination of activities to ensure that all types of learners are reached.

Additionally, our courses involve a lot of interactive activities ranging from Level 1 (passive) to Level 3 (complex interaction); we aim to include as much complex interaction as possible when the topic warrants it. Please note that these levels of interactivity are based on the scale defined by the U.S. Department of Defense.

Our courses are SCORM-compliant, allowing you to take the course at your own pace. TeamProfessor, or your organization’s Learning Management System (if it’s SCORM compliant) will track what chapters/modules you have covered and where you stopped - allowing you to pick up where you left off.

Security Innovation specializes in software security, not general security. With 10+ years of research on security vulnerabilities and dozens of assessment on the world’s most dominant computing platforms and development environments, Security Innovation has become an authority in the application security market – a specialized area where traditional security companies tend to struggle. 80% of our customers are Fortune/Global 500 including security companies them like Symantec, McAfee, Verisign, RSA Security and Aladdin.

The foundation of our security knowledge is derived from more than 10+ years of government funded and corporate driven research on security vulnerabilities. This content is largely supplemented by past and current findings from our security assessment teams, which are routinely logged in our internal Vulnerabilities and Best Practices Database. We also reference industry resources such as OWASP and Microsoft Patterns & Practice that we feel are credible and proven.

Our security engineering teams continually assess the security of the worlds’ most dominant software and computing platforms (part of our security assessment professional services line of business). Our findings in the field are vetted by internal and external experts and if found to be relevant and timely, are restructured and updated in our eLearning courses in a timely manner.

• View grades for his/her own group
• Generate custom reports for a specific or all students, based on a specified timeframe for either the course itself or the exam
• View logs for the past hour
• Get summary activity report (how many viewed what)
• Get participation report
• View course/exam statistics

• Progress Energy
• Microsoft
• Ryder
• Godaddy.com
• Achmea
• Swift

Customer Highlight:  Microsoft

Need:

• Roll out their internal development standard, the Microsoft SDL, to architects, developers and testers in all of their product development teams
• Increase their ability to uncover vulnerabilities prior to software being released to public

Solution:

• Created 14 custom eLearning courses on the Microsoft SDL for Microsoft to quickly rollout to thousands
• Licensed How to Break Software Security company-wide

eLearning lays the foundation for software and information security knowledge, but practitioners often need real-time guidance as they conduct key security activities. TeamMentor, designed to complement eLearning, is a Web-based secure development knowledgebase and guidance system that provides each team member complete security guidance up front and as they code. It contains principles, check-lists, how-to’s, code samples and many other customizable assets that are essential in ensuring security activities are implemented in the right manner.