OWASP Cloud-Native Top 10 (CNAS) + OWASP CI/CD Top 10 (CICDSEC) — 41 hands-on topics: cloud configuration, secrets management, container injection, IAM misuse, pipeline poisoning, dependency chain abuse
EU AI Act + ISO/IEC 42001 + NIST AI RMF compliance evidence — per-developer audit-ready PDFs mapped to Articles 9–15 / Annex A / GOVERN-MAP-MEASURE-MANAGE
Three new pillar certifications: App Security Mastery, Cloud Security Mastery, AI Security Mastery — automatically issued when every framework in the pillar is complete
April 14, 2026
v1.7
New
XP Tier Badges & Gamification
15-tier XP badge system — earn ranks from Tin to Diamond as you progress through challenges
Badge progress card on developer profile with visual progress toward next tier
Real-time tier-up notifications when reaching a new badge milestone
Badge indicators on the organization leaderboard for quick team recognition
March 15, 2026
v1.6
New
SCORM Integration
SCORM 1.2 and SCORM 2004 package support for LMS integration
Automatic progress sync between SecureCodingHub and your LMS
Just-in-time user provisioning for SCORM learners
Assignment support now includes LMS-provisioned users
January 20, 2026
v1.5
New
SSO, SCIM & Assignments
Single Sign-On with OIDC (Azure AD, Okta) and SAML 2.0
Just-in-time provisioning — new users auto-created on first SSO login
SCIM 2.0 provisioning for automatic user and group sync from your identity provider
Training assignments — assign challenges or scenarios to users, teams, or your entire org
Deadline and mandatory settings for assignments with completion tracking
Redesigned email notifications
Stack preferences now persist correctly across all browser sessions
November 8, 2025
v1.4
New
Admin Dashboard & Team Management
Organization admin dashboard with leaderboard and topic-level analytics
Team management — create teams, assign members, track group progress
User management with role-based access control
Passwordless authentication with email verification codes
September 12, 2025
v1.3
NewImproved
Expanded Scenario Library
OWASP Client-Side Top 10 training scenarios
Scenario completion screen with guided next steps
Practice page now shows completion stats per vulnerability type
Onboarding tour for first-time learners
July 5, 2025
v1.2
New
Learn Mode — Interactive Scenarios
Learn mode with step-by-step guided attack scenarios
Simulated browser for realistic web attack demonstrations
Simulated mobile device for mobile security scenarios
Narrative-driven scenario panel with choices and code inspection
Stack preferences — choose your preferred language and framework
OWASP Top 10 coverage across Web, API, Mobile, and Client-Side categories
The beginning
How we ship at SecureCodingHub
Our release cadence is roughly monthly, but the underlying rhythm is driven by what is ready rather than the calendar. A patch release goes out when we have collected enough bug fixes, copy corrections, or small accessibility refinements to justify a deploy. A minor release usually bundles improvements to an existing area of the product, for example better feedback inside an existing challenge type or a smoother flow through the learner dashboard. A feature release is reserved for changes that materially expand what the platform can do, such as adding a new vulnerability class, supporting a new language across the challenge library, or introducing a new reporting view for security leads.
Customer feedback enters the roadmap through two channels. The first is direct conversation with security teams who use SecureCodingHub day to day; the second is structured feedback collected inside the product after a learner completes a challenge. We read every comment. Recurring patterns surface in our planning sessions and turn into concrete work items, which is why so many of the entries on this page begin with a small problem report we received the week before. To follow along as new entries appear, you can subscribe to release notes from the blog, where each significant release is mirrored as a short post with the context behind it.
What shipping means for a content-heavy product
Not every change shows up here. SecureCodingHub is a content-heavy product, which means a large share of our weekly work is about expanding and refreshing the learning material itself: new challenge languages, new vulnerability classes, and updates that track moving regulatory baselines like PCI DSS revisions or refreshed OWASP guidance. These content updates ship continuously and do not receive a version bump unless they change platform behavior in a way that a returning learner or administrator would actually notice.
If you want a fuller view of the editorial side of the roadmap, the guides library is the best place to look. The changelog focuses on platform-level changes, while the guides reflect the steady, week-by-week growth of the knowledge base behind the challenges.