If you’ve tried AppSecEngineer’s hands-on labs before, Playgrounds are similar to that, but with a focus on writing secure code.
Basically, you’re given a sandbox-style environment where you run an insecure application written in a specific language. You then exploit a vulnerability, learn how to identify that vulnerability, and then secure the app against it.You can also play around with the source files and other code in the environment to practice and experiment with your skills.
Do I get access to a truly freestyle sandbox environment?
Yes, you do! The whole point of a Playground is to not just learn how a security exploit works. You also understand why the application is insecure, what parts of the code are vulnerable, and how to fix it with secure coding practices.
Are Playgrounds only useful for developers?
Not at all. While developers are the intended audience for Playgrounds, anyone who knows how to code can easily try them out. The objective here is to learn secure coding practices. Whether you’re a security engineer with coding experience, or a DevOps/Cloud Ops engineer who’s interested in secure coding, you can take these Playgrounds for a spin.