Webseclab combines: - a cloud service and - individual virtual-machine distributions to provide a web security learning platform that is comprehensive, covering all major security topics deemed important by the security community; contemporary, encompassing recent attacks-and-defenses from hacker conferences and academic research; and tested, used to teach academic courses at Stanford and CMU.
Each student VM environment contains a large number of focused exercises for learning individual topics, a provision for administering instructor-created quizzes, along with all the software required for completing longer-term security-focused programming projects. The VM offers an all-in-one tool for completing all the teaching material in a package with turn-key installation and an easy-to-use browser-based interface. It also isolates harmful traffic, e.g. those illustrating attacks, keeping them from harming any public or corporate networks. Finally, it is fully integrated and synchronized with the cloud service.
The cloud service features are mainly designed to support class administration, for both instructors and students. Some key features of the cloud include reporting analytics such as progress and grading metrics in both instructor and student views, data backup/migration for individual student VMs, and synchronized project/quiz administration for instructors, including the ability to push new assignments to student VMs.