Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.

Stay Up-to-Date on all Security Journey news and events.
Featured Articles

A New Way to Train on OWASP Top 10: The Diligent Developer Chronicles

Security Journey accelerated secure coding training platform enhancements to drive development team engagement and application security knowledge gain
Learn About ‘Application Security (5)’
Common Federated Identity Protocols: OpenID Connect vs OAuth vs SAML 2
DevSecOps Best Practices
You’ve decided to integrate DevSecOps into your software development operations. That’s an important first step to improving your product’s overall security by including it into the development...
What Is DevSecOps?
What Are Security Champion Responsibilities?
Apache Struts 2 Namespace (CVE-2018-11776) Vulnerability
2.3
to 2.3.34
and 2.5
to 2.5.16
of Apache Struts 2, one of the most used Java-based web application frameworks.
How Do You Select Security Champions?
Security champions should be an integral part of your security team. When this position was first introduced five or so years ago as part of the cybersecurity structure, the security champion was...
Top 6 Application Security Must Dos with Limited Resources
The vast majority of application security teams are under resourced. The ideal is that application security teams will scale with development teams, but this rarely happens. Given this disadvantage,...
OWASP Top 10 Mini Series - Command Injection Cheat Sheet
OWASP Top 10 Mini Series - SQL Injection
When Should I Launch a Bug Bounty Program?
How do you start in cybersecurity?
Here are five things that have impacted me in my career, and helped me to grow both as a security person and a human being.