Announcing our Secure Coding Training Guide
We’ve talked to hundreds of secure coding training administrators over the years, and we’ve seen many approaches to setting up and deploying a secure coding training program. We’ve seen what works...
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Your Guide to Building the Ideal Secure Coding Training Program
We've gathered insights from Security Journey to create a guide for your secure coding training program.
Read More
Security Journey Study reveals only 20 percent of organizations can confidently detect a vulnerability before an application is released
Despite stringent regulations and calls for ‘security by design’, organizations are still failing to equip teams with the knowledge to secure code.
Read More
Learn About ‘Secure Coding Training (7)’
Applying Learning Science Principles to Secure Code Training
Everyone knows the old adage: You can lead a horse to water but you can’t make it drink, and this is certainly applicable when it comes to self-directed learning through computer-based training...
How Offensive Training Improves Defensive-Only Approaches in Secure Coding Training
Chess is an oft-used analogy for cybersecurity because there are many similarities between the two. At their core, they are games of strategy which pit two adversaries against each other in a bid to...
Gender Diversity Considerations in Training: Avoiding Unintended Biases
When deciding which secure coding training program is right for you and your team, it’s important to choose a program that won’t unintentionally alienate certain groups. In 2021, it’s common...
How (and Why) to Teach Developers to Think Like Hackers
Coaches of sports teams would relish the chance to know their opponents' offensive playbook, so that they can prepare the right defensive schemes. Debate experts say you should understand your...
How to Shift Left and Increase Long-Term Efficiency
In software development, issues become more time-consuming and more expensive the longer it takes to find and fix them. Find defects too late in the development cycle, and you could risk a delayed...
How to Add Automation into a Secure SDLC
Many software and app companies have looked to automated operations to create a more streamlined and efficient development process. Adding the right tools to CI/CD workflows can save developers time and alleviate some of the burden of manual work. In DevSecOps, these tools automatically search for vulnerabilities, raise a flag when they find them, and provide information about how to fix them.
3 Steps To Overcoming the Shortage in Security Talent (Hint: You Already Have What You Need)
According to the 2019/2020 Official Annual Cybersecurity Jobs Report, an estimated 3.5 million cybersecurity jobs will go unfilled in 2021. While attracting candidates from such a limited talent pool...
HackEDU Adaptive Training Plans
HackEDU integrates with the most popular SAST and DAST tools, bug bounty platforms, SCA tools, code repositories, and issue trackers. An adaptive training plan is created automatically with HackEDU’s hands-on lessons for each software developer based on dozens of variables about the vulnerabilities found in your applications and the developer’s performance.
HackEDU Customer Case Study
Developers Find & Fix 5.6x More Vulnerabilities with HackEDU's Training: HackEDU Case Study.
How to Run an Effective Application Security Program Remotely
The good news is that running an effective application security program remotely is no different than running it in the office. However, the reality is that most companies are not at the point of...
HackEDU Launches Coding Challenges And Secure Coding Assessments
Coding Challenges are hands-on labs where software developers practice finding and fixing vulnerabilities in software. Developers have to both find the vulnerability and then securely write code in order to pass the challenge.