Belts and Activity system¶
We are launching a new activity system, previously only available to the learning platform users, now for the whole Security Champions Network!
This is how it works¶
Secure Code learning platform¶
If you are using the Secure Code learning platform
Nothing changes except where you register activities! It pays to learn, and you get to upskill your knowledge as well, Win Win!
There are 5 belts you can achieve.White
, Yellow
, and Green
belt are achievable from only learning through the platform. More on the merch you can get from the different belts here. The brown
and black
belts are something special. They require you to complete activities that give back to the Security Champion network.
The brown
and black
belts are special and require you to complete activities normally in the Security Champion network. Check them out below!
- To start earning the
brown
belt: Complete the three belts from the learning platform (white
,yellow
, andgreen
) - To gain the
brown
belt: Complete3
activities from the list below - To gain the
black
belt: Complete6
new activities, for a total of9
Others¶
If you are not taking a part of the Secure Code learning platform, you need to do activities all the way. We want to promote the learning platform, so you should really test out the hands-on lessons! Each belt requires X amount of approved activities.
Activities per belt¶
White | Yellow | Green | Brown | Black | Total |
---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 15 |
Ex: Yellow is 3
completed activities, 1
for white
, 2
for yellow
Registration¶
The process for registration has been simplified! All you have to do is:
- Use this form
- List your activity and short about details so we know what we are approving (no sensitive information please)
- We will double-check, and if everything is A-OK, you get an e-mail!
Info
One activity is one submission.
Activities¶
Please help contribute with useful activities that make sense in Equinor context for our Security Champions.
- Talk briefly about your project/challenges in regards to security in the Morning Coffee
- Facilitate a
Threat Modeling
session for your team/project - Share a write-up of a
security activity
you/your team did on the AppSec Slack - Speak at a seminar/meetup
- Have a Security Champion from another team join/review your
threat model
- Join/review another team's
threat model
- Create an AppSec story about something your team did
- Attend a meetup
- Hold a security moment at a seminar/meetup
- Set up
Snyk
scanning for your repository - Assess and address all issues in Snyk (achieve a 0-issue dashboard)
- Set up
Secret scanning
for your project using our guidelines - Attend a Security Journey tournament
(learning platform)
- Gain three
white
belts(learning platform)
- Gain two
yellow
belts(learning platform)
- Gain two
green
belts(learning platform)
- Go through a Security Journey task in the Morning Coffee
(learning platform)
Note
The list of activities will change based on your feedback.