Security Journey Blog

Security Journey News

Dec 17, 2024

Security Journey 2024: A Year of Powerful Product Enhancements

These updates, designed for ease of use, focus on streamlining user management, enhancing learning customization, expanding hands-on content, and improving overall platform usability.

Read More - Security Journey 2024: A Year of Powerful Product Enhancements

Application Security

Dec 13, 2024

Cracking the Code: Unveiling the Importance of CWEs in Cybersecurity

In this post, we'll delve into the world of CWEs, explaining what they are, why they're essential, and how they can be used to build more secure software.

Read More - Cracking the Code: Unveiling the Importance of CWEs in Cybersecurity

Compliance & Regulations

Dec 11, 2024

Decoding Security Standards: A Developer-Friendly Guide to NIST Cybersecurity Framework

This guide provides a developer-centric overview of the NIST's Cybersecurity Framework, a valuable tool for navigating the complexities of cybersecurity. 

Read More - Decoding Security Standards: A Developer-Friendly Guide to NIST Cybersecurity Framework

Security Journey News

Nov 26, 2024

Industry Trends in Secure Coding: What Your Team Needs to Know in 2025

John Campbell, Director of Content Engineering at Security Journey, shares his thoughts on what to expect in 2025.

Read More - Industry Trends in Secure Coding: What Your Team Needs to Know in 2025

Application Security

Nov 25, 2024

The Hidden Cost of Technical Debt: How Legacy Code Creates Security Blindspots

Make 2025 the year you confront your legacy code security issues. Secure coding training can empower your team to tackle vulnerabilities, leading to your organization's safer and more resilient future. 

Read More - The Hidden Cost of Technical Debt: How Legacy Code Creates Security Blindspots

Secure Coding Training

Nov 20, 2024

Don't Fall for the Hacker Genius: Secure Coding is About Diligence, Not Brilliance

Many believe only brilliant minds can write secure code, but secure coding is primarily about discipline and understanding vulnerabilities. The most significant data breaches in history stemmed from preventable coding errors rather than genius hacking.  

Read More - Don't Fall for the Hacker Genius: Secure Coding is About Diligence, Not Brilliance

Compliance & Regulations AI/LLM

Nov 12, 2024

Risk and Compliance Officers Guide to AI

While AI presents opportunities for efficiency and innovation, it also brings complex challenges that require immediate attention.

Read More - Risk and Compliance Officers Guide to AI

Research

Nov 7, 2024

3 Technologies Revolutionizing Cybersecurity in Finance

According to the Ponemon Institute, the average cost of a data breach in the financial sector is a staggering $5.97 million, emphasizing the critical need for robust cybersecurity measures. 

Read More - 3 Technologies Revolutionizing Cybersecurity in Finance

Application Security AI/LLM

Nov 4, 2024

AI/LLM Secure Coding Training: Don't Let Innovation Outpace Security

Developers need to be aware of this risk and treat user-supplied input that interacts with the AI/LLM with the same level of scrutiny as any other external input.

Read More - AI/LLM Secure Coding Training: Don't Let Innovation Outpace Security

OWASP API

Oct 29, 2024

API Security is NOT Optional: Why the OWASP API Top 10 is Your New Priority

APIs are crucial in modern software, facilitating app integrations and microservices. However, their widespread use increases the attack surface, with each endpoint posing a potential risk for exploitation and data breaches.

Read More - API Security is NOT Optional: Why the OWASP API Top 10 is Your New Priority

OWASP

Oct 24, 2024

Top 10 Insecure Software Development Techniques to Avoid (and What to Do Instead)

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI recently released a joint guide highlighting exceptionally risky software development practices that all organizations should avoid.  

Read More - Top 10 Insecure Software Development Techniques to Avoid (and What to Do Instead)

Secure Coding Training

Oct 18, 2024

Code Red: Closing the Cybersecurity Skill Gap in Finance

Here's the alarming truth: many financial institutions are struggling to defend themselves, not because of a lack of technology, but a lack of skilled cybersecurity professionals.  

Read More - Code Red: Closing the Cybersecurity Skill Gap in Finance