Program Rollout Guide

This guide helps enterprise admins and security champions plan a successful rollout of SecDim across their organisation.

Roles and Permissions

Before rolling out, understand the management roles available in SecDim:

Role Permissions

Admin

Full access to all features. Can manage users, departments, games, SSO, policies, API keys, subscriptions, and remove users from the company.

Manager

Same as Admin, except cannot remove users from the company or manage subscriptions.

Department Lead

Can assign and remove users within their own department (via SecDim ID). Can view their own department’s report in the Play Dashboard. Can create and delete games. Cannot remove users from the company.

Assign these roles from Manage Company. See Manage Users for details.

Phase 1: Instructor-Led Wargame

The most effective way to introduce SecDim is with a live, instructor-led wargame session. SecDim provides a qualified security instructor who runs the session for your team.

What Happens

  1. Platform walkthrough (10 min) — the instructor introduces the SecDim platform, explains how challenges work, and demonstrates the CDE

  2. Live challenge (10 min) — the instructor solves a challenge in real time, showing the full workflow: reading the code, identifying the vulnerability, applying the fix, running tests, and pushing the solution

  3. Team plays (30 min) — everyone joins the game, plays challenges, and scores points on the live leaderboard

  4. Debrief (10 min) — the instructor walks through the solutions, answers questions, and discusses the vulnerabilities covered

How to Set Up

  1. Contact your SecDim account manager to schedule a wargame session

  2. SecDim will set up a private game for your team with challenges tailored to your technology stack

  3. Request promotional materials from your account manager — sample presentations, posters, and email templates are available to promote the event internally

  4. Share the game link and calendar invite with your team

  5. Share the Player Preparation Guide with participants so they know how to get ready

  6. Ensure participants have registered on SecDim before the session (see Getting Started for Admins)

Phase 2: Personalise and Assign Learning

After the wargame, participants are familiar with the platform. Now set up targeted learning for your teams.

Create Personalised Learning Paths

Admins, managers, and department leads can use the SecDim MCP Server to generate personalised learning paths for their teams. Ask MCP to build a pathway based on your team’s technology stack, skill levels, and security priorities, then create those pathways as games in the Play Dashboard.

Encourage Developers to Personalise Their Own Learning

Encourage developers to install the SecDim MCP Server in their IDE. With MCP integrated, developers can:

  • Generate their own personalised learning path based on their role and experience

  • Ask for related courses and challenges whenever a vulnerability is discovered in their code — right from their IDE

  • Get security guidance in context without leaving their workflow

See Personalised Learning Pathways for prompts and setup details.

Share the Company Games

  1. Assign your company games to the relevant departments (see Manage Games)

  2. Share the game links with your team via email or internal chat

  3. Set a clear goal — e.g. "Complete all challenges in the Java Security game by end of quarter"

Ranking, Leaderboards, and Badges

SecDim provides multiple layers of motivation to keep your team engaged:

  • Global ranking and score — every player has a global ranking and cumulative score visible on their profile page. This benchmarks them against all SecDim players worldwide.

  • Game leaderboards — each game has its own leaderboard so players can compete within their team or department.

  • Hall of Fame — the top 10 players are featured on the Hall of Fame. Encourage your team to aim for a spot.

  • Badges and certificates — completing a game or pathway earns a badge and certificate that can be shared on LinkedIn, internal Slack channels, or team wikis.

  • Custom badges — create branded badges for your organisation’s games (contact your SecDim account manager).

Recognise top performers in team meetings or internal newsletters. Share leaderboard standings to create friendly competition across departments.

See Badges and User Profile for details.

Phase 3: Empower Department Leads

Department leads play a key role in sustaining engagement within their teams.

What Department Leads Can Do

  • View department reports — department leads can see their own department’s engagement, grades, and player progress in the Play Dashboard

  • Create games — build department-specific games targeting the technologies and vulnerabilities most relevant to their team

  • Generate learning paths — use SecDim MCP to create tailored pathways based on their team’s skill gaps

  • Manage team members — assign and remove users within their department from Manage Company

Enable Department Leads

  1. Assign the Department Lead role to team leads (see Manage Users)

  2. Walk them through the Play Dashboard and their department’s report

  3. Show them how to use SecDim MCP for creating learning paths and generating reports

Phase 4: Build a Routine

For lasting impact, make secure coding practice a regular activity rather than a one-off event.

Recurring Wargames

Schedule regular wargame sessions (monthly or quarterly) to maintain engagement and introduce new security topics. Each session can focus on a different vulnerability category or technology.

Security Champions

Identify top performers from the leaderboard and engage them as security champions within their teams. They can:

  • Help onboard new team members

  • Run informal challenge sessions within their department

  • Provide peer support on SecDim Discuss

Phase 5: Measure and Report

Use the Reporting Dashboard to track your programme’s progress:

  • Company grade — track improvement over time

  • Department comparison — identify teams that need more support

  • Player risk matrix — spot individuals who may need targeted training

  • OWASP coverage — ensure your team is building skills across all vulnerability categories

For compliance evidence, use MCP Reporting to generate reports mapped to SOC 2, ISO 27001, or PCI DSS.

Rollout Checklist

  • Assign admin, manager, and department lead roles

  • Schedule instructor-led wargame with SecDim

  • Ensure all participants have registered accounts

  • Set up SSO if applicable (see SSO)

  • Create or review company games and assign to departments

  • Generate personalised learning paths using SecDim MCP

  • Encourage developers to integrate SecDim MCP in their IDE

  • Share game links and set completion goals

  • Order custom badges if desired

  • Empower department leads with access and training

  • Schedule recurring wargame sessions

  • Set up reporting dashboards and review cadence

  • Identify and engage security champions