Bad Coding 101: Ensuring Your Website is XSS-Friendly
Follow our whimsical, step-by-step playbook and keep your website gleefully vulnerable for years to come.
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...
5 Types of Data You Should NEVER Share with AI
Large language models (LLMs) like ChatGPT are powerful tools, but it's crucial to remember that data privacy is paramount.
Read More
Mitigating & Preventing Cross-Site Scripting (XSS) Vulnerabilities: An Example
In the digital world, trust is crucial for businesses to secure customer data and maintain loyalty. Cross-Site Scripting (XSS) is a silent threat that can turn a trusted platform into a launchpad for attackers, stealing sensitive information and spreading malware.
Understanding The 4 Types of Cross-Site Scripting (XSS) Vulnerabilities
Imagine you can see through the eyes of a bank manager without them knowing. You watch as they input the security code, open the gate, and unlock the vault brimming with cash.
Why Investing in Secure Coding Training is More Impactful Than Bug Bounty Programs
Bug bounty programs incentivize ethical hackers to identify and report vulnerabilities. However, prioritizing comprehensive developer training may be more impactful for application security in the long run.
Security Champions are Key to Successful Threat Modeling Facilitation
In this article, we’ll dive into how Security Champions can be your company’s most effective threat modeling advocates and facilitators.
5 Tips for Successful Cybersecurity Threat Modeling at Your Organization
With cybersecurity regularly getting the spotlight, focusing on securing our systems and data has become essential. One of the most efficient ways to start this is with threat modeling. This...
How To Use Threat Modeling to Minimize the Attack Surface of Your Application
As the application security community grows, threat modeling tips are shared daily. But let’s go back to the basics – what is threat modeling? And how does it protect your application?
Make AppSec Training Accessible for Everyone with WCAG
Corporate training builds a competent workforce. AppSec training for secure software. Prioritize accessibility in training.
Security Journey Launches Enterprise-Grade Security and Accessibility Features for World-Class Secure Coding Training Platform
Key product milestones are an industry first, marking a new maturity level in the AppSec education market.
Boost Your Security with These 3 Game-Changing Threat Modeling Tools
In this blog post, we will explore three top threat modeling tools: Microsoft Threat Modeling Tool, IriusRisk, and OWASP Threat Dragon.
Top 10 Biggest Security Threats to Your Products
Mike Burch and his team took the time to evaluate these lists and compile what we believe is a list to rule them all – the biggest threats to our products across the different technologies.
Practical Threat Model Creation: A Step-by-Step Guide & Free Template
Creating a secure product requires prioritizing safety. This guide provides steps for developing a threat model.