How to Put the Threat Modeling Manifesto Into Action
If you have not yet seen the Threat Modeling Manifesto, you’re missing out.
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Developer-Tailored Secure Code Training: A New Approach from Security Journey
Security training for developers has traditionally been a one-size-fits-all experience—generic, compliance-driven, and...
New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...
Learn About ‘Security Culture (6)’
How to Shift Left and Increase Long-Term Efficiency
In software development, issues become more time-consuming and more expensive the longer it takes to find and fix them. Find defects too late in the development cycle, and you could risk a delayed...
DevOps Security Culture: 12 Fails Your Team Can Learn From
This post was written by Chris Romeo during his tenure at Security Journey.
This article was originally appeared on at TechBeacon.com on January 6, 2021. You can access it here.
3 Steps To Overcoming the Shortage in Security Talent (Hint: You Already Have What You Need)
According to the 2019/2020 Official Annual Cybersecurity Jobs Report, an estimated 3.5 million cybersecurity jobs will go unfilled in 2021. While attracting candidates from such a limited talent pool...
6 Ways to Develop a Security Culture From Top to Bottom
With our modern dependence on technology and security, nobody would dare to make this statement. Everyone knows how crucial security is and how it must be embedded into everything an organization does. A simple glance at the news provides details on the data breach of the day tied to an application security vulnerability.
The Carrot and the Stick: Security Rewards and Recognition
How do you incentivize people to participate in your security program? Are you using a carrot or a stick? Security rewards and recognition are crucial for the success of your security belt program.
Three Ways to Empower Remote Threat Modeling
We’re all living in this new world where we’re working from home. The question we pose is, 'How will we make progress on rolling out threat modeling when we can’t meet with people face to face and...
4 Steps to Transforming Developers Into Security People
This post was written by Chris Romeo during his tenure at Security Journey.
Developers are everywhere because software is everywhere. Try to think of an organization that doesn’t employ at least a...
What Are Security Champion Responsibilities?
Your company has decided to add security champions to improve your overall security postures, and you’ve chosen great candidates to take on this role.
How Do You Select Security Champions?
Security champions should be an integral part of your security team. When this position was first introduced five or so years ago as part of the cybersecurity structure, the security champion was...
How to hack your security culture
This post was written by Chris Romeo during his tenure at Security Journey.
Changing security culture appears straightforward at first glance: You tell people to do things differently than before,...
Information security needs community: 6 ways to build up your teams
This post was written by Chris Romeo during his tenure at Security Journey.
Every application security and SecOps organization needs to connect people under the banner of security. The security of...