Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
The manifesto guides a developer-first platform experience with hands-on AI/LLM security training, GitHub-driven risk...
The Open Worldwide Application Security Project (OWASP) is a non-profit foundation focused on improving the security of software. It’s best known for openly published resources,...
AI is no longer an experiment in software development. It’s writing production code. It’s refactoring applications. It’s generating tests, scaffolding architectures, and—depending on the...
If you're making technology decisions for your organization, understanding which programming language vulnerabilities pose the greatest risk helps you prioritize secure coding training and language...
When comparing programming languages for security-sensitive projects, the debate around python vs java often misses a key point: neither Java and Python is inherently more secure than the other. Both...
Reflections on the latest Security Champions Podcast episode
Large Language Models (LLMs) are becoming core components in developer workflows, from code generation and testing to documentation, search, and automation. But as organizations integrate AI into...
Most developers understand security in theory, but putting that theory into code is where things break down. Real security happens not in policy documents but in the small decisions made while...
The debate between Python and C++ security isn't about picking a winner. It's about understanding how language design influences the vulnerabilities your team will face. Both languages power critical...
In today’s world of ever-evolving cyber threats, secure coding is the day-to-day discipline that prevents small mistakes from becoming production incidents. Modern teams ship software quickly, but...
Reflections on my Security Champions Podcast episode featuring Mark McMillan
The most critical step in secure coding is establishing comprehensive, hands-on Secure Code Training for developers from the beginning of the software development lifecycle. While automated tools,...
Most modern software teams work under constant pressure to deliver features quickly while still maintaining security, compliance, and high code quality. Best practices for secure coding help bridge...
