What's New
Fresh skills, courses, tracks, and platform updates from Defend the Org.
Latest release
Suspected Insider Data Theft at a Pre-Acquisition Materials Firm
A routine departing-employee data review at Corvane Materials turns up exactly what everyone expected: a Senior Account Director on her way to a competitor, an…
This Week
Guided walkthroughs
Every Easy and Medium lab now has an in-lab walkthrough. Redeem a weekly token and a Defender guides you hint by hint — so you learn the skill, not the answer.
Last Week
Public Profiles
Your Defend the Org profile can now be shared publicly — flip it on and you get a clean, link-anywhere page (great for a resume or LinkedIn) showing your…
Watchtower: build the detection pipeline
Design the observability pipeline that turns scattered application, edge, and identity logs into correlated detections, tamper-resistant archival, and a SOC…
July 2026
Lights Out at Mercer Health
A regional hospital network catches a ransomware crew mid-Impact phase. Fourteen minutes of telemetry — shadow-copy wipes, service stops, log clearing, and the…
June 2026
Creator Mode
Apply to be a Creator and get access to exercise solutions and explanations to help you plan your educational content.
Defender Initiation
Onboarding got an upgrade. Defender Initiation is a 12-minute campaign that walks you through your first three reps as a defender — triage an alert, contain an…
Campaigns are live — story-driven security operations end-to-end
Real cybersecurity work isn't one skill in isolation. Campaigns recreate the shape of an incident — story-driven scenarios that thread cutscenes between labs…
Lattice — Zero-Trust Service Mesh
Re-architect a flat payments backend into a zero-trust service mesh: mutual TLS east-west, central identity, runtime secrets, and a data tier reachable only…
System Design: Beginner
Learn to design systems that defend themselves. Three concept-per-lab sections — trust zones, edge filtering, and protecting data — that teach the invariants…
Six System Design labs ship with the new module
Keep, Moat, Sieve, Strongbox, Tollgate, and Stratus — five easy/medium labs to learn the invariants, one hard lab to prove them under enterprise pressure.
System Design
Design secure, defensible systems on a graph canvas. The first proactive module in Defend The Org — every other skill is reactive; this one is design-time.
May 2026
Megalodon — Mass GitHub Workflow Backdooring
On 2026-05-18, an attacker pushed malicious .github/workflows/ entries into thousands of GitHub repos in a six-hour window, exfiltrating CI secrets and cloud…
Log Analysis Methodology
The substrate skill underneath detection, hunting, IR, and SOC. Learn how a defender thinks about logs through the loop: Anchor, Scope, Pivot, Corroborate,…
Moat: protect the data tier
Design a public-facing web application so that nobody on the internet can reach the database directly. Place each component in the right trust zone, wire the…
RubyGems GemStuffer
A public supply-chain disclosure (GemStuffer, 2026-05-13) describes 150+ malicious RubyGems published as a data-exfiltration dead-drop. As the security…
Notifications
A bell icon in the top right keeps you in the loop on new labs, friend requests, and platform updates. Tune what you hear about in account settings.
The Fracture Within
A ransomware alert detonates across your finance department — but something deeper is moving through the network. A nation-state actor has been inside for…
What's New page
Browse every recent skill, course, track, and platform update in one place. Subscribe to the RSS feed to get drops as they ship.
RSS feed for releases
Subscribe to /whats-new/feed.xml to get every new skill, course, and feature in your RSS reader.
Defend the Org Public Launch
May 6, 2026
Defend the Org launches publicly
The platform goes live with 5 Skills, 59 Labs, 3 Courses, 6 Tracks.