Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.

Stay Up-to-Date on all Security Journey news and events.
Featured Articles

Developer-Tailored Secure Code Training: A New Approach from Security Journey
Security training for developers has traditionally been a one-size-fits-all experience—generic, compliance-driven, and...

New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...
What Is a Virtual Machine and How Do You Use Them?
At Security Journey, we strive to create lessons that are compelling, engaging, and informative. Unlike other secure coding training providers that rely on simulations for hands-on lessons, we take a...
How AI/LLMs Can Help, Hinder Developers
THIS ARTICLE WAS WRITTEN BY Michael Burch FOR cacm.acm.org.
The future of software development lies in striking a balance between the unique strengths of AI and human developers.
OWASP Top 10 Proactive Controls
Instead of chasing threats, it pays to be proactive. OWASP noticed the increase in technology's complexity and interconnectivity and recognized that it would become more difficult to secure our...
From Soft Skills to Hard Data: Measuring Success of Security Champions and Culture Change
The Application Security Endgame
For software-centered businesses, Application Security (AppSec) is one of the most critical enablers of cybersecurity’s broader mission. It addresses risk at the...
Empowering Secure AI Development: Security Journey’s Comprehensive AI/LLM Training Approach
As enterprises rush to integrate AI and LLM capabilities across their workflows, one reality becomes clear: without secure design and development practices, these powerful tools can introduce serious...
Experts Reveal How Agentic AI Is Shaping Cybersecurity in 2025
THIS ARTICLE WAS CONTRIBUTED BY MICHAEL BURCH FOR CYBERSECURITYTRIBE.COM.
It was hard to find an exhibition booth at RSAC 2025 that did not include Agentic AI somewhere within their messaging. Last...
Building Elite AppSec Teams: A Conversation with David Kosorok
This article was written by Dustin Lehr, cohost of The Security Champions Podcast.
Why Secure Code Knowledge Matters for Developers
THIS ARTICLE WAS WRITTEN BY JOHN CAMPBELL FOR DEVOPSDIGEST.COM.
Artificial intelligence (AI) remains a transformative force in organizations, providing decision-makers with an efficient and...
How to Choose the Right AI Coding Assistant (Without Sacrificing Security)
AI coding assistants transform how developers write software by autocompleting functions, suggesting refactors, and even generating tests. But with convenience comes risk. How can engineering teams...
Two Things You Need in Place to Successfully Adopt AI
THIS ARTICLE WAS WRITTEN BY MIKE ERQUITT FOR HELPNETSECURITY.COM.
Organizations should not shy away from taking advantage of AI tools, but they need to find the right balance between maximizing...
AI Security: Insights from the Security Journey Content Team