Cracking the Code: Unveiling the Importance of CWEs in Cybersecurity
In this post, we'll delve into the world of CWEs, explaining what they are, why they're essential, and how they can be used to build more secure software.
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Developer-Tailored Secure Code Training: A New Approach from Security Journey
Security training for developers has traditionally been a one-size-fits-all experience—generic, compliance-driven, and...
New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...
Decoding Security Standards: A Developer-Friendly Guide to NIST Cybersecurity Framework
This guide provides a developer-centric overview of the NIST's Cybersecurity Framework, a valuable tool for navigating the complexities of cybersecurity.
Industry Trends in Secure Coding: What Your Team Needs to Know in 2025
John Campbell, Director of Content Engineering at Security Journey, shares his thoughts on what to expect in 2025.
The Hidden Cost of Technical Debt: How Legacy Code Creates Security Blindspots
Make 2025 the year you confront your legacy code security issues. Secure coding training can empower your team to tackle vulnerabilities, leading to your organization's safer and more resilient future.
Don't Fall for the Hacker Genius: Secure Coding is About Diligence, Not Brilliance
Many believe only brilliant minds can write secure code, but secure coding is primarily about discipline and understanding vulnerabilities. The most significant data breaches in history stemmed from preventable coding errors rather than genius hacking.
How to Use AI as a Developer [with examples]
Are you ready to harness the power of AI to transform your development workflow? Artificial intelligence is no longer futuristic; it's revolutionizing software development today.
Risk and Compliance Officers Guide to AI
While AI presents opportunities for efficiency and innovation, it also brings complex challenges that require immediate attention.
3 Technologies Revolutionizing Cybersecurity in Finance
According to the Ponemon Institute, the average cost of a data breach in the financial sector is a staggering $5.97 million, emphasizing the critical need for robust cybersecurity measures.
AI/LLM Secure Coding Training: Don't Let Innovation Outpace Security
Developers need to be aware of this risk and treat user-supplied input that interacts with the AI/LLM with the same level of scrutiny as any other external input.
API Security is NOT Optional: Why the OWASP API Top 10 is Your New Priority
APIs are crucial in modern software, facilitating app integrations and microservices. However, their widespread use increases the attack surface, with each endpoint posing a potential risk for exploitation and data breaches.
Top 10 Insecure Software Development Techniques to Avoid (and What to Do Instead)
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI recently released a joint guide highlighting exceptionally risky software development practices that all organizations should avoid.
Code Red: Closing the Cybersecurity Skill Gap in Finance
Here's the alarming truth: many financial institutions are struggling to defend themselves, not because of a lack of technology, but a lack of skilled cybersecurity professionals.