Security Journey Blog

Application Security Security Culture

Jan 24, 2023

International Day of Education: An Opportunity to Promote Long-Lasting Secure Coding Habits

Jan 24^th has been proclaimed by the United Nations Generation Assembly as the International Day of Education, seeking to raise awareness about the need to invest in people and the importance of education.

Read More - International Day of Education: An Opportunity to Promote Long-Lasting Secure Coding Habits

Secure Coding Training Security Journey News

Jan 23, 2023

[Help Net Security] Trained Developers Get Rid Of More Vulnerabilities Than Code Scanning Tools

This article was originally written for Help Net Security. Researchers also found that as many as 70% of organizations are missing critical security steps in their software development lifecycle (SDLC), highlighting a struggle with a ‘shift-left’ approach.

Read More - [Help Net Security] Trained Developers Get Rid Of More Vulnerabilities Than Code Scanning Tools

Application Security Security Journey News

Jan 20, 2023

[VMblog.com] Security Journey 2023 Predictions: A Greater Focus on Application Security

This article was originally written by Amy Baker for VMblog.com. Given the incredibly competitive and challenging economic environment, we are seeing a continuous investment across organizations into application development in the race to win market share.

Read More - [VMblog.com] Security Journey 2023 Predictions: A Greater Focus on Application Security

Application Security Research

Jan 19, 2023

Is Secure Coding Training a Better Investment Than Code Scanning Tools for Reducing Application Vulnerabilities?

A new secure coding practices study, released by EMA, reveals the implementation of ‘shift-left’ is slow, with only 25% of organizations adopting a ‘shift-left’ strategy for security.

Read More - Is Secure Coding Training a Better Investment Than Code Scanning Tools for Reducing Application Vulnerabilities?

Application Security

Jan 12, 2023

How to Measure the ROI of Application Security Training

We are currently in an application security dilemma that stems from growing security concerns, pressure on development teams, and a lack of structured security training.  

Read More - How to Measure the ROI of Application Security Training

Application Security Research

Jan 10, 2023

Adopting Long Lasting AppSec Habits For 2023

The new year is traditionally a time to make resolutions and form good habits. It’s an opportunity that many of us take in both our professional and personal lives to adopt better practices and...

Read More - Adopting Long Lasting AppSec Habits For 2023

Compliance & Regulations Security Journey News

Jan 5, 2023

[datanami] Feds Boost Cyber Spending as Security Threats to Data Proliferate

Originally posted by Alex Woodie from datanami. Cybercriminals are exploiting vulnerabilities in Web applications, which are up 210% over the past few years.

Read More - [datanami] Feds Boost Cyber Spending as Security Threats to Data Proliferate

Secure Coding Training

Jan 4, 2023

Learning Science Principles in AppSec Education: Your Key to Success

Rolling out an employee training program requires commitment across the board. Stakeholders at all levels want to see a return on investment to justify the budget and time required by these programs. 

Read More - Learning Science Principles in AppSec Education: Your Key to Success

Security Culture Security Journey News

Dec 22, 2022

[Security Journal Americas] A Look at AppSec Education for 2023

This article was written by Victoria Rees for Security Journal Americas. Amy Baker, Security Education Evangelist, Security Journey discusses the trends and challenges for the software development industry in 2023.

Read More - [Security Journal Americas] A Look at AppSec Education for 2023

Security Culture Security Journey News

Dec 19, 2022

[Security Boulevard] Moving Beyond Security Awareness to Security Education

This article was written by Sue Poremba for Security Boulevard. While security awareness training is helpful to assist employees in recognizing threats, phishing and social engineering attacks are successful enough that it is clear that awareness training alone isn’t enough.

Read More - [Security Boulevard] Moving Beyond Security Awareness to Security Education

Application Security

Dec 9, 2022

Are You Prepared for the Non-Malicious Insider Threat?

Software supply chain risks are a highly visible part of the cybersecurity threat landscape. From President Biden’s cybersecurity executive order to Gartner including them in its 2022 list of top...

Read More - Are You Prepared for the Non-Malicious Insider Threat?

Secure Coding Training

Nov 29, 2022

A Look Ahead: Secure Coding Training in 2023

In the current economic climate, organizations are under increasing pressure to bring new products and services to market faster than ever. As a result, the security of those applications remains an afterthought.

Read More - A Look Ahead: Secure Coding Training in 2023