Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Security Journey Unveils Developer Manifesto as the Foundation for a Reimagined Platform in the Age of AI
The manifesto guides a developer-first platform experience with hands-on AI/LLM security training, GitHub-driven risk...
5 Types of Data You Should NEVER Share with AI
Large language models (LLMs) like ChatGPT are powerful tools, but it's crucial to remember that data privacy is paramount.
Read More
Posts by Security Journey/HackEDU Team
AppSec Things to Watch in 2022
It’s that time of the year again, where everyone under the sun comes up with predictions. We’re not fans of predictions, so instead, we give you Security Journey’s Application Security Things to...
Bridges fall down due to insecure design – make sure your web applications don’t
When it comes to the people designing the bridges I drive across, I want them to use blueprints. I want them to run their design through programs to calculate the exact weight the bridge can hold...
Explain Sigstore to Me Like I'm Five
If you have paid attention to supply chain security in 2021, you've likely heard a lot about Sigstore. If you are still not sure exactly what it is, do not worry. We will provide an explanation that even a child can follow.
Why is Server-Side Request Forgery #10 in OWASP Top 10 2021?
The new #10 on the OWASP Top 10 2021 list is Server-Side Request Forgery (SSRF).
OWASP Top 10 2021: 7 Action Items for App Sec Teams
This post was written by Chris Romeo during his tenure at Security Journey. This article was originally appeared on at TechBeacon.com on October 11, 2021. You can access it here.
How do you Train Developers in Secure SDLC Practices?
As the threat environment grows more serious, applications have become a more vulnerable part of the overall attack surface.
Making Sense of OWASP A08:2021 – Software & Data Integrity Failures
New OWASP 2021 Top Ten List includes new categories. This time around, the list item number A08, Software and Data Integrity Failures, offers insight into the changing nature of application security...
OWASP Top 10 2021 List - What’s New and What Should You Do to Respond?
As you may already know, the OWASP Top 10 is an awareness document that helps developers learn about common software security issues and the corresponding remediations.
How do you Practice Secure Coding?
Developers are the foundation of an organization’s digital strategy, building the products and services that drive revenue and help their company to operate more efficiently.
We Made Some Major Improvements To Our Training
We constantly strive to improve our secure coding training platform, and as part of that effort, we pay close attention to the feedback that everyone who uses our product provides us.
What is the S-SDLC or Secure SDLC?
There was a point in time when the only thing that mattered when it came to software development was that functional software was deployed in the stipulated time.