by malcolmhere 3721 days ago
- We don't have the breadth of Safelight's material (early days I guess), but the areas we cover, we do a much better job. It was our frustration with this kind of training material that inspired us to make Hacksplaining in the first place:

https://www.youtube.com/watch?v=jkQgVO993W8

Our exercises are interactive, rather than passive, and focus on specific ways to fix code, rather than abstract concepts. Compare with what we have on SQL injection:

https://www.hacksplaining.com/exercises/sql-injection

We started with the question "what are the essential things we would want our development team to know?" and then figured out the most compelling way to teach about them.

- We are talking to a couple of firms that we could partner with to help establish credibility. It's a bit of a Catch-22 selling this kind of training material - people buy your product on the basis of who your existing customers are, to some extent. Finding an established player to work with would really give us a leg up.

- Most companies reluctantly pay for security training, precisely because so much of it is onsite and expensive. Making security training mandatory for developers is a good policy for a CTO of a large company (particularly if they have been hacked recently), but it's generally impractical to send everyone out for a 5-day course. We hope engaging, online material can fill that niche.

1 comments

Hey, I just worked on the SQL injection course and I wouldn't use Chase's logo for your fake banking application, or any major company's logo for your insecure sites.