Beyond Breaking: From Pen Tester to Problem Solver
Reflections on my recent Security Champions Podcast episode with Ariel Shin
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...
5 Types of Data You Should NEVER Share with AI
Large language models (LLMs) like ChatGPT are powerful tools, but it's crucial to remember that data privacy is paramount.
Read More
Learn About ‘Security Culture’
Do Developers Still Need Secure Coding Training in the Age of GitHub Copilot?
As AI-powered development tools like GitHub Copilot become more widely adopted, engineering teams are naturally beginning to ask new questions about the future of secure coding education.
Embracing Your Own Cybersecurity Identity: Lessons from Eva Benn
In the latest episode of the Security Champions Podcast, I had the pleasure of speaking with Eva Benn about a topic that hits at the heart of the work many of us are trying to do: reshaping the...
The Magic of Developer Empathy: A Thoughtful Conversation About Product Security
Reflections on my recent Security Champions Podcast episode with Jacob Salassi
Closing the Security Gap in AI
This article ORIGINALLY APPEARED on DEVOPSDIGEST.COM
To examine the growing gap between how software is built and how secure it is, Security Journey brought together a panel of seasoned developers,...
CWE Top 25: What the ‘On the Cusp’ Weaknesses Tell Us About Emerging Threats
Most developers are familiar with the CWE Top 25, the annual list of the most dangerous software weaknesses. But fewer know about the lesser-publicized lists that accompany it, which reveal what’s...
From Soft Skills to Hard Data: Measuring Success of Security Champions and Culture Change
The Application Security Endgame
For software-centered businesses, Application Security (AppSec) is one of the most critical enablers of cybersecurity’s broader mission. It addresses risk at the...
Building Elite AppSec Teams: A Conversation with David Kosorok
This article was written by Dustin Lehr, cohost of The Security Champions Podcast.
How to Evaluate Developer Engagement and Learning in Secure Code Training
Security is a critical aspect of software development, and secure coding practices help mitigate vulnerabilities before they become costly breaches. However, simply implementing a secure code...
Navigating the AI Threat Landscape in 2025: Challenges and Strategies
Michael joined the podcast to discuss the history of the AI threat landscape, the biggest AI security changes of 2025 and the future of AI and AI security.
10 Ways Your Organization Can Celebrate Cyber Security Awareness Month
Cybersecurity Awareness Month isn't just about checking boxes; it's about building a security-minded culture where everyone plays a part.