Visit Security Journey

Post listing page

Topic: Security Culture

Security Culture

Explain Sigstore to me like I am five

How does it work, and why is it important? If you have paid attention to supply chain security in 2021, you've likely heard a lot about Sigstore.  If you are still not sure exactly what...

Continue Reading

Security Culture

How to put the Threat Modeling Manifesto into action

This article was originally appeared on TechBeacon.com on February 16, 2021. You can access it here.   If you have not yet seen the Threat Modeling Manifesto, then you’re missing out. The...

Continue Reading

Security Culture

DevOps security culture: 12 fails your team can learn from

This article was originally appeared on at TechBeacon.com on January 6, 2021. You can access it here. ‍ Will DevOps and DevSecOps still be relevant in 50 years? Today's DevOps technology...

Continue Reading

Security Culture

6 ways to develop a security culture from top to bottom

“We don’t need security.” With our modern dependence on technology and security, nobody would dare to make this statement. Everyone knows how crucial security is and how it must be...

Continue Reading

Security Culture

The carrot and the stick: Security rewards and recognition

How do you incentivize people to participate in your security program? Are you using a carrot or a stick? Security rewards and recognition are crucial for the success of your security belt...

Continue Reading

Security Culture

Three ways to empower remote threat modeling

This post is a result of a conversation on the Application Security Podcast. Adam Shostack joined Robert and me, and the topic was remote threat modeling. We’re all living in this new...

Continue Reading

Security Culture

4 steps to transforming developers into security people

Developers are everywhere because software is everywhere. Try to think of an organization that doesn’t employ at least a few developers to maintain their code. The challenge with...

Continue Reading

Security Culture

How to hack your security culture

Changing security culture appears straightforward at first glance: You tell people to do things differently than before, and then stand back and wait for lower vulnerability counts and...

Continue Reading

Security Culture

Information security needs community: 6 ways to build up your teams

Every application security and SecOps organization needs to connect people under the banner of security. The security of any organization is only as strong as its people, and people thrive...

Continue Reading