Security Journey Blog

Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.

Stay Up-to-Date on all Security Journey news and events.

Featured Articles

What You Need to Know About Security Journey’s Recommended Learning Paths

The increasing number of cyber-attacks has made it imperative for organizations to ensure that their software is secure. The first step towards securing software is to provide good training.

OWASP Diligent Developer

A New Way to Train on OWASP Top 10: The Diligent Developer Chronicles

The Diligent Developer Security Awareness and Education Program is designed to raise awareness about application security and build skills across your development team to empower them to build secure software.

Topics

Application Security OWASP

Dec 1, 2023

Top 10 Biggest Security Threats to Your Products

Mike Burch and his team took the time to evaluate these lists and compile what we believe is a list to rule them all – the biggest threats to our products across the different technologies.

Application Security Security Culture

Nov 29, 2023

Practical Threat Model Creation: A Step-by-Step Guide & Free Template

Creating a secure product requires prioritizing safety. This guide provides steps for developing a threat model.

Application Security

Nov 16, 2023

Enhance Your Security: Unveiling the 3 Key Benefits of Threat Modeling

It is crucial to prioritize security throughout the entire lifecycle of a product or application, from conception to release. Threat modeling is an essential step in this process.

Security Journey News

Nov 14, 2023

Security Journey Announces New AI/LLM and API Learning Paths to Teach Development Teams How to Build Software Securely

New training efficiently addresses the industry’s identified risks in API and AI LLM software.

Secure Coding Training

Nov 14, 2023

In-House vs. Vendor: Which is the Best Way to Provide Secure Coding Training?

In this article, we will compare the experience of creating in-house secure coding training with hiring an external vendor, including the associated costs and value.

Security Culture

Nov 9, 2023

AI Dreams Are About the Teams

This article was written by Michael Erquitt, Senior Security Engineer at Security Journey.

Compliance & Regulations

Nov 6, 2023

Regulation is Sabotaging Security: Here's What Needs to Change

In the rapidly evolving world of software development, security concerns often take a back seat to the pressing demands of time-to-market pressure.

Security Journey News

Nov 2, 2023

Adam Bruehl Of Security Journey On Why the US Government is Getting Serious About Medical Device Cybersecurity

In an era where technology is revolutionizing healthcare, medical devices — from pacemakers to insulin pumps to hospital imaging machines — are becoming increasingly interconnected. While these advancements offer unprecedented benefits, they also expose healthcare systems and patients to new cybersecurity risks.

Security Culture

Nov 2, 2023

How Security Can Create Guardrails, Not Barriers For Developers

When development and security work hand in hand, applications are more secure, and organizations work more smoothly. And to do so, security should create guardrails, not barriers. But what does this...

Research Security Culture

Oct 26, 2023

AI AppSec: Can Developers Fight Fire With Fire?

The adoption of AI continues to drive transformation across a number of industries, one of which is software development.

Secure Coding Training

Oct 25, 2023

How Secure Coding Training Can Save Your Budget

In this article, we will delve into what secure coding training is and how it can potentially save you money by adopting it for your developers.

Secure Coding Training Application Security

Oct 19, 2023

Building an Effective AppSec Education Program: A Step-by-Step Guide

As you build your application security program, you’ll be able to cater to your organization’s needs; even so, you can follow these five steps.