Security Journey Blog

Application Security Security Culture

Jan 2, 2024

Why Investing in Secure Coding Training is More Impactful Than Bug Bounty Programs

Bug bounty programs incentivize ethical hackers to identify and report vulnerabilities. However, prioritizing comprehensive developer training may be more impactful for application security in the long run.

Read More - Why Investing in Secure Coding Training is More Impactful Than Bug Bounty Programs

Application Security

Dec 19, 2023

Security Champions are Key to Successful Threat Modeling Facilitation

In this article, we’ll dive into how Security Champions can be your company’s most effective threat modeling advocates and facilitators. 

Read More - Security Champions are Key to Successful Threat Modeling Facilitation

Application Security

Dec 14, 2023

5 Tips for Successful Cybersecurity Threat Modeling at Your Organization

With cybersecurity regularly getting the spotlight, focusing on securing our systems and data has become essential. One of the most efficient ways to start this is with threat modeling. This...

Read More - 5 Tips for Successful Cybersecurity Threat Modeling at Your Organization

Application Security

Dec 12, 2023

How To Use Threat Modeling to Minimize the Attack Surface of Your Application

As the application security community grows, threat modeling tips are shared daily. But let’s go back to the basics – what is threat modeling? And how does it protect your application? 

Read More - How To Use Threat Modeling to Minimize the Attack Surface of Your Application

Application Security Security Culture

Dec 7, 2023

Make AppSec Training Accessible for Everyone with WCAG

Corporate training builds a competent workforce. AppSec training for secure software. Prioritize accessibility in training.

Read More - Make AppSec Training Accessible for Everyone with WCAG

Security Journey News

Dec 5, 2023

Security Journey Launches Enterprise-Grade Security and Accessibility Features for World-Class Secure Coding Training Platform

Key product milestones are an industry first, marking a new maturity level in the AppSec education market.

Read More - Security Journey Launches Enterprise-Grade Security and Accessibility Features for World-Class Secure Coding Training Platform

Application Security

Dec 5, 2023

Boost Your Security with These 3 Game-Changing Threat Modeling Tools

In this blog post, we will explore three top threat modeling tools: Microsoft Threat Modeling Tool, IriusRisk, and OWASP Threat Dragon. 

Read More - Boost Your Security with These 3 Game-Changing Threat Modeling Tools

Application Security OWASP

Dec 1, 2023

Top 10 Biggest Security Threats to Your Products

Mike Burch and his team took the time to evaluate these lists and compile what we believe is a list to rule them all – the biggest threats to our products across the different technologies. 

Read More - Top 10 Biggest Security Threats to Your Products

Application Security Security Culture

Nov 29, 2023

Practical Threat Model Creation: A Step-by-Step Guide & Free Template

Creating a secure product requires prioritizing safety. This guide provides steps for developing a threat model.

Read More - Practical Threat Model Creation: A Step-by-Step Guide & Free Template

Application Security

Nov 16, 2023

Enhance Your Security: Unveiling the 3 Key Benefits of Threat Modeling

It is crucial to prioritize security throughout the entire lifecycle of a product or application, from conception to release. Threat modeling is an essential step in this process.

Read More - Enhance Your Security: Unveiling the 3 Key Benefits of Threat Modeling

Security Journey News

Nov 14, 2023

Security Journey Announces New AI/LLM and API Learning Paths to Teach Development Teams How to Build Software Securely

New training efficiently addresses the industry’s identified risks in API and AI LLM software. 

Read More - Security Journey Announces New AI/LLM and API Learning Paths to Teach Development Teams How to Build Software Securely

Secure Coding Training

Nov 14, 2023

In-House vs. Vendor: Which is the Best Way to Provide Secure Coding Training?

In this article, we will compare the experience of creating in-house secure coding training with hiring an external vendor, including the associated costs and value. 

Read More - In-House vs. Vendor: Which is the Best Way to Provide Secure Coding Training?