Security Journey Blog (4)

Why cybersecurity pros need to learn how to code

This article was originally appeared on at TechBeacon.com on July 6, 2021. You can access it here. There is an age-old debate in security: Should cybersecurity professionals know how to...

Application Security offensive training definitions

Finding Vulnerabilities: Differences among Vulnerability Scanning, Pen Testing, Bug Bounty, Red Team and Purple Team Compared

When designing systems to be impervious to outside activity, you should always aim to be at least two steps ahead of your adversaries. Whatever it is that you want to protect, whether...

DevSecOps definitions Introduction

What Are Git Hooks?

Hooks are scripts that run at different steps during the commit process. They are completely customizable and will trigger events at key points during the development life cycle. Some...

offensive training ctf

What is a Capture The Flag Event, and How Does It Benefit Developers?

What is a CTF? A Capture the Flag event, or CTF for short, is a gamified exercise designed to test cybersecurity skills. The goal of the game, much like in the live-action, outdoor game...

Application Security Security Champion Shift Left

How Security Champions Help Improve Application Security

Application security is a major concern for many organizations. In 2020, over 23,000 new vulnerabilities were discovered and publicly reported in production applications. On average,...

Technical

TypeScript Doesn't Suck; You Just Don't Care About Security

The introduction of TypeScript elicited a divided reaction from the JavaScript community. Some liked the new superset, which added static and strong typing. Many hate it with a burning...

AppSec Training Strategies

Why developers dislike security—and what you can do about it

This article originally appeared on TechBeacon.com on May 18, 2021. You can access it here. Developers dislike security but won’t always admit it. They dislike the security function...

AppSec Training Strategies

Why developers dislike security—and what you can do about it

This article originally appeared on TechBeacon.com on May 18, 2021. You can access it here. Developers dislike security but won’t always admit it. They dislike the security function...

software security Secure SDLC

What Are Bug Bounty Programs, And Why Are They Becoming So Popular?

Some organizations run bug bounty programs as a way to identify and fix vulnerabilities within their production applications. A bug bounty program gives ethical hackers permission to test...

Secure Coding Training DevSecOps Shift Left

How Secure Coding Training Fits Into The Shift Left Movement

In the past, security was not seen as a priority during the development process. Often, developers would only perform vulnerability scans and security audits as part of the testing...