Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.

Stay Up-to-Date on all Security Journey news and events.
Featured Articles

New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...

5 Types of Data You Should NEVER Share with AI
Learn About ‘Security Culture’
Closing the Security Gap in AI
This article ORIGINALLY APPEARED on DEVOPSDIGEST.COM
To examine the growing gap between how software is built and how secure it is, Security Journey brought together a panel of seasoned developers,...
CWE Top 25: What the ‘On the Cusp’ Weaknesses Tell Us About Emerging Threats
Most developers are familiar with the CWE Top 25, the annual list of the most dangerous software weaknesses. But fewer know about the lesser-publicized lists that accompany it, which reveal what’s...
From Soft Skills to Hard Data: Measuring Success of Security Champions and Culture Change
The Application Security Endgame
For software-centered businesses, Application Security (AppSec) is one of the most critical enablers of cybersecurity’s broader mission. It addresses risk at the...
Building Elite AppSec Teams: A Conversation with David Kosorok
This article was written by Dustin Lehr, cohost of The Security Champions Podcast.
How to Evaluate Developer Engagement and Learning in Secure Code Training
Security is a critical aspect of software development, and secure coding practices help mitigate vulnerabilities before they become costly breaches. However, simply implementing a secure code...
Navigating the AI Threat Landscape in 2025: Challenges and Strategies
10 Ways Your Organization Can Celebrate Cyber Security Awareness Month
What Engineering Leaders Need to Know About AI Security
The C-Suite's Guide to AI/LLM Security
Security Journey vs. Secure Code Warrior [2024]
Rewards and Risks of Using AI in Product Security