Adam P, Technical Product Manager, Web Security Academy
The Web Security Academy provides hundreds of thousands of custom generated legally-hackable websites each month, covering the whole range of common vulnerabilities you'll find present in the wild. We build and provide interactive labs, and accompanying learning materials, built to the spec of the world's top web hackers.
Additionally, we produce new labs to accompany the exciting techniques unveiled by the PortSwigger Research team. This enables our users to understand the very latest, cutting-edge vulnerability classes, and the associated discovery and exploit techniques.
We also provide the Burp Suite Certified Practitioner exam, along with the mystery lab challenge and practice exam, to allow our extensive Burp Suite Professional user base to test and prove their skills as a pentester at the top of their game.
Finally, we host and maintain the Gin and Juice Shop - the go-to application to allow you to see if your vulnerability is performing correctly, and is therefore worth your time and money!
We model many disparate technologies and web app architectures to provide real-world labs for tens of thousands of monthly users to hack. This means that we have to understand those technologies, and be able to determine where the boundaries of that hacking should be. We have to juggle showing off vulnerable technologies while ensuring our platform remains secure, which can get very tricky when we get right down to bytes flowing over the network.
Our infrastructure is based around Docker containers. It's hosted in the cloud on AWS via ECS, and is backed by EC2 instances and Fargate. We orchestrate all of this using Cloud Formation.
Day-to-day we employ test-driven development and browser-driven acceptance testing to avoid bugs, and of course make sure that our labs are solvable. We also spend plenty of time making sure to go back and refactor those bits of code that keep us up at night.
We are a diverse group of people with a wide range of interests and backgrounds. What Swiggers have in common is that they all love their work and are exceptionally good at what they do.
Jess H, Journalist
Mike S, Software Developer
Mohamed H, Software Developer