Hackflix & Skill

Hackflix&Skill is an interactive security course in which – together with Buggy – we will guide your developers through the most common vulnerabilities they will observe  in our security tests: XML External Entity Attack, Privilege Escalation, Cross-Site Scripting, SQL Injection, Remote Code Execution and many more…

After hundreds of training sessions conducted in accordance with our traditional method, we came out with a new approach. This time, we focus on continuous knowledge transfer instead of a one-time shot with information. 

We also came up with a different belief:



The whole program is based on  a TV-series formula (1 season with 5 episodes). Each part is based on real-life examples of security issues that we have encountered in our daily work. 

But what is actually new is the fact that the participants control the plot.

Students are involved into a dialogue with the character, they solve exercises and quizzes to consolidate newly acquired knowledge. An interactive form of the training allows for an engaging and modern way of knowledge transfer.

 We will introduce a hacker perspective in your team which helps spot code weaknesses and significantly improves the security of both the company and its products.

Your benefits

  • Awareness of real-life threats affecting companies
    Each episode presents a vulnerability chain (known as a killchain) which leads to disastrous consequences. 
  • Full involvement of participants through comprehensive interactivity approach
    This is not another boring training that can be quickly passed by clicking “next” due to the lack of adjustment to the group. 
  • Showcase of best practices based on OWASP TOP 10
    The course discusses many vulnerabilities from OWASP TOP 10. We have selected examples that are often observed in applications we test.
  • A simple way to train the entire department
    The course can be easily integrated with your learning management system. Anyone in your organisation who has access to your LMS can receive the training.
  • Reduced true costs of employee training
    Most courses have a hidden price – exclusion from work for a day or two. To solve this problem, we have shortened the duration to ~2h per episode focusing on key topics and dividing them into small fragments to enable learning at a convenient time.

Why does it make a difference?

There are many aspects of security, and it may seem confusing at the beginning.  Instead of overwhelming the participants with knowledge, we decided to provide regular doses. That’s a completely new approach to courses, and we really believe that it is the way. 

Consistency helps develop good habits.

Episodes are released once every 3 months to actually stimulate the minds of developers for a longer period of time. In this way, you realistically increase the chances that good practices will be a permanent part of software development process.

Our approach to IT Security

  • We have knowledge and experience gained during over 18 years of providing security services all over the globe
  • We help developers and testers solve specific problems by publishing free tools and articles.
  • We have trained over a thousand of developers from over 15 different countries
  • The largest companies from tech and financial sector have benefited from our stationary training – Security Aware Developer  

P.S. Buggy also says you can trust us 😉

See the full script of the first episode 👇

Bonuses for Developers:

In order to verify progress and check the acquired knowledge, at the very end the participants will take a summary quiz covering the material of the entire first season.

Each participant who exceeds 80% may receive a personal certificate.

We also did some research among  developers during many security conferences. On the basis of their needs we have created handy materials for everyday use: 

Buggy’s 1010

A set of short and useful tips for developers based on the most common security bugs found in all reports – This helps eliminate the biggest security bugs right from the start of the SDLC.

Security Reference

A document containing enhanced references related to 14 categories in OWASP Application Security Verification Standard 4.0 – Carefully selected source of proven and reliable information

If you want a more extensive introduction to our training, please contact us via the contact form on the website (choose training in the first step). Our IT Security Specialist will tell you more about how to implement security in your organization.

Case study

How did we increase the security of online banking applications?

The client was one of the leading banks with a website for individual and business entities. The scope tests covered transaction website security, payment management services, financial exchange and loan products

More soon…

Become a Client

and let’s build your safe future together

Write to us