Secure Websites Rely on Secure PHP
The PHP: Hypertext Preprocessor scripting language remains as popular today as it has been since its debut in 1994. Developers turn to PHP for its simplicity and flexibility.
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Security Journey Announces Unified Education Platform for Enhanced AppSec Training
The most adopted secure coding training solution helps companies satisfy regulatory requirements such as PCI and supports the White House Executive Order on cybersecurity.
Read More
How to Measure the ROI of Application Security Training
We are currently in an application security dilemma that stems from growing security concerns, pressure on development teams, and a lack of structured security training.
Read More
Gain Practical Skills in Secure Coding and Web Application Security
We talked with Jared Ablon, President and Co-Founder at HackEDU, about the importance of engaging and customized training to develop secure coding practices and perform vulnerability assessments.
Learning How to Reduce Injection Vulnerabilities Risk in Minutes
Last week, we released our Secure Coding Report: Injection Vulnerabilities, which identifies that training software developers on how to best protect against one of the most critical exploits on the...
CyberNews Interview with Jared Ablon
This article is a repost from Cybernews on April 2, 2022.
News Update: Security Journey Provides Free Application Security Training Environment for OWASP® Members
AppSec Things to Watch in 2022
It’s that time of the year again, where everyone under the sun comes up with predictions. We’re not fans of predictions, so instead, we give you Security Journey’s Application Security Things to...
Bridges fall down due to insecure design – make sure your web applications don’t
When it comes to the people designing the bridges I drive across, I want them to use blueprints. I want them to run their design through programs to calculate the exact weight the bridge can hold...
Explain Sigstore to Me Like I'm Five
If you have paid attention to supply chain security in 2021, you've likely heard a lot about Sigstore. If you are still not sure exactly what it is, do not worry. We will provide an explanation that even a child can follow.
Why is Server-Side Request Forgery #10 in OWASP Top 10 2021?
The new #10 on the OWASP Top 10 2021 list is Server-Side Request Forgery (SSRF).
OWASP Top 10 2021: 7 Action Items for App Sec Teams
This article was originally appeared on at TechBeacon.com on October 11, 2021. You can access it here.
How do you Train Developers in Secure SDLC Practices?
As the threat environment grows more serious, applications have become a more vulnerable part of the overall attack surface.