Filling the Application Security Education Gap
While we’ve seen promising steps in the right direction when it comes to application security, there is still a significant gap in secure coding knowledge across the entire software development...
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Developer-Tailored Secure Code Training: A New Approach from Security Journey
Security training for developers has traditionally been a one-size-fits-all experience—generic, compliance-driven, and...
New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...
Posts by Security Journey/HackEDU Team
Learning Swing: Measuring Knowledge Gain in Secure Coding Training Programs
A measurable increase in a learner’s knowledge after completing training is an essential component to any successful education program. Measurable knowledge gain is one way to prove your program’s effectiveness and value.
[Dark Reading] Does Security Have to Get Worse Before It Gets Better?
This article was written by Amy Baker for Dark Reading. How to solve the software vulnerability problem across the entire SDLC.
[Dark Reading] Security Leaders are Calling for Industry to Take Action and Programmatically Improve Secure Coding Education
This article was posted on Dark Reading. Currently, none of the top 50 undergraduate computer science programs in the U.S. require a course in code or application security.
Beyond Security Awareness: Safer Apps through Education
The past decade has seen security awareness go from a new concept to a security strategy embedded in most organizations. Several regulations recommend security training but do so in very broad terms.
Three New Lessons to Improve Password Security
Keeping user passwords secure should be a top priority for every system administrator. Stolen login credentials are one of the easiest and most common ways for cybercriminals to gain entry to systems...
[Security Week] Industry Reactions to Govt Requiring Security Guarantees From Software Vendors
This article was written by Eduard Kovacs for Security Week. The White House has announced new guidance with the aim of ensuring that federal agencies only use secure software.
Improve Your Rust Code Security Today
Rust is an extremely popular programming language, claiming the title of most loved language for seven years in a row in the annual Stack Overflow Developer Survey.
Beyond the OWASP Top 10 for Companies Subject to PCI Compliance
Many customers don’t want their developers to merely retake the same material year after year. They want substantive training to enhance knowledge and skills. And, of course, many customers must provide secure coding training that fulfills PCI Requirement 6.5.
[Dark Reading] Feds, npm Issue Supply Chain Security Guidance to Avert Another SolarWinds
This article was originally posted on Dark Reading. The US government and the Open Source Security Foundation have released guidance to shore up software supply chain security, and now it's up to developers to act.
Introducing Our New UI: A Simplified Experience to Enhance Learner Engagement
We’re constantly evolving at Security Journey.
The GitHub Supply Chain Threat: What You Need to Know Today
If you’re a GitHub developer that relies on open source repositories in your code (that would be everyone), Tuesday night’s Tweet storm started by Stephen Lacy no doubt caught your attention.