Software Integrity

 

How effective is storytelling in eLearning courses?

How effective is storytelling in eLearning courses?

Synopsys eLearning goes beyond your typical training solution. Our course offerings provide developers with targeted training that centers specifically on the security frameworks and platforms they’re using.

In fact, I was recently talking to one of our course authors who is in the process of writing new course material. We were talking about password hashing and securely storing passwords in preparation for the new course. During the conversation, we began chatting about how a lot of developers get to where they are because they start hacking away at content management systems or learning JavaScript from their night (i.e., freelance) projects. Consequently, even though they may be supremely talented and passionate about the technical, coding aspect of their work, they may not necessarily be thinking about security. Especially in the open source world, it tends to be something that’s not really in the forefront of developers’ minds.

When does security become a direct concern for developers?

Synopsys eLearning is built so that developers can focus on what they care about. They’re going to get the frameworks and languages that they’re used to using (e.g., JavaScript, React, PHP). The courses examine the direct security concerns that they should be paying attention to in relation to these specific languages and frameworks.

We’re not teaching them how to write JavaScript; we’re teaching them how to make it secure.

That way, once they’ve completed their highly focused Synopsys eLearning courses, they can go back to work with new, targeted skills. As they continue writing their projects, developers will be prepared to look for vulnerabilities such as those identified in the OWASP Top 10.

What makes our approach effective?

We want developers to walk away from our training with a clear understanding of how to code more securely. We don’t want them to walk away with a list of things to research more in depth, which is what many eLearning courses I’ve attended have provided me. As instructors, my colleagues and I want to get to the point during the course itself. The way we go about this is with a storytelling approach. We’re big fans of calling out specific, real-world examples and scenarios, examining what happened, and going into what could have been done differently.

In a scenario such as Equifax, what they could have done differently was as simple as keeping their software updated. That’s one of the fundamental points we try to make in a good deal of our eLearning courses: Keep your software up-to-date!

I’ll expand on that a bit: In a lot of major breaches, the attack vector isn’t a highly complex point of entry. Developers are a key player in these scenarios. This is why our eLearning structure ventures past the theoretical—we examine real-world situations.

By applying the material in our courses to these true stories, we can help learners more easily picture themselves in those scenarios. This is good for retention. Learners can look at our stories and think, “Whoa, if that happened at my firm, how many people would be on the chopping block? But imagine if I could have caught that before it went into production! That entire situation could have been avoided.”

Getting beyond just the facts and to the application of concepts—that’s really what developers gain from this. Not only the latest strategies for keeping things secure, but stories that make people’s brains light up.

Making learning relatable and memorable

Developers around the globe are grappling with some highly technical topics and widespread issues. We like to break those down and pull in news stories or situations that bring some real-world perspective. The relatability of this approach makes things resonate on a much more valuable level with learners. This keeps learners up-to-date with what’s going on, makes it interesting and relatable, and encourages them to become more secure coders.

If facts are passengers in the mind, stories and examples are the vehicles they ride in. Long after developers have completed a course, the stories and examples—and thus the facts—will stay with them. Every time they go to commit code, they should be covering their bases. “Let me double-check that. Should I run a scan one more time just to make sure I haven’t introduced something?” These are the thoughts that really make code more secure. It’s very important that developers develop these skills, and that’s something that comes directly from our material.

Want to learn more about our comprehensive eLearning ecosystem?

See a demo