Security Journey Blog

Security Journey News

Jan 23, 2024

Security Journey Study reveals only 20 percent of organizations can confidently detect a vulnerability before an application is released

Despite stringent regulations and calls for ‘security by design’, organizations are still failing to equip teams with the knowledge to secure code. 

Read More - Security Journey Study reveals only 20 percent of organizations can confidently detect a vulnerability before an application is released

Application Security

Jan 17, 2024

Bad Coding 101: Ensuring Your Website is XSS-Friendly

Follow our whimsical, step-by-step playbook and keep your website gleefully vulnerable for years to come.  

Read More - Bad Coding 101: Ensuring Your Website is XSS-Friendly

Jan 11, 2024

Mitigating & Preventing Cross-Site Scripting (XSS) Vulnerabilities: An Example

In the digital world, trust is crucial for businesses to secure customer data and maintain loyalty. Cross-Site Scripting (XSS) is a silent threat that can turn a trusted platform into a launchpad for attackers, stealing sensitive information and spreading malware. 

Read More - Mitigating & Preventing Cross-Site Scripting (XSS) Vulnerabilities: An Example

Jan 9, 2024

Understanding The 4 Types of Cross-Site Scripting (XSS) Vulnerabilities

Imagine you can see through the eyes of a bank manager without them knowing. You watch as they input the security code, open the gate, and unlock the vault brimming with cash.  

Read More - Understanding The 4 Types of Cross-Site Scripting (XSS) Vulnerabilities

Application Security Security Culture

Jan 2, 2024

Why Investing in Secure Coding Training is More Impactful Than Bug Bounty Programs

Bug bounty programs incentivize ethical hackers to identify and report vulnerabilities. However, prioritizing comprehensive developer training may be more impactful for application security in the long run.

Read More - Why Investing in Secure Coding Training is More Impactful Than Bug Bounty Programs

Application Security

Dec 19, 2023

Security Champions are Key to Successful Threat Modeling Facilitation

In this article, we’ll dive into how Security Champions can be your company’s most effective threat modeling advocates and facilitators. 

Read More - Security Champions are Key to Successful Threat Modeling Facilitation

Application Security

Dec 14, 2023

5 Tips for Successful Cybersecurity Threat Modeling at Your Organization

With cybersecurity regularly getting the spotlight, focusing on securing our systems and data has become essential. One of the most efficient ways to start this is with threat modeling. This...

Read More - 5 Tips for Successful Cybersecurity Threat Modeling at Your Organization

Application Security

Dec 12, 2023

How To Use Threat Modeling to Minimize the Attack Surface of Your Application

As the application security community grows, threat modeling tips are shared daily. But let’s go back to the basics – what is threat modeling? And how does it protect your application? 

Read More - How To Use Threat Modeling to Minimize the Attack Surface of Your Application

Application Security Security Culture

Dec 7, 2023

Make AppSec Training Accessible for Everyone with WCAG

Corporate training builds a competent workforce. AppSec training for secure software. Prioritize accessibility in training.

Read More - Make AppSec Training Accessible for Everyone with WCAG

Security Journey News

Dec 5, 2023

Security Journey Launches Enterprise-Grade Security and Accessibility Features for World-Class Secure Coding Training Platform

Key product milestones are an industry first, marking a new maturity level in the AppSec education market.

Read More - Security Journey Launches Enterprise-Grade Security and Accessibility Features for World-Class Secure Coding Training Platform

Application Security

Dec 5, 2023

Boost Your Security with These 3 Game-Changing Threat Modeling Tools

In this blog post, we will explore three top threat modeling tools: Microsoft Threat Modeling Tool, IriusRisk, and OWASP Threat Dragon. 

Read More - Boost Your Security with These 3 Game-Changing Threat Modeling Tools

Application Security OWASP

Dec 1, 2023

Top 10 Biggest Security Threats to Your Products

Mike Burch and his team took the time to evaluate these lists and compile what we believe is a list to rule them all – the biggest threats to our products across the different technologies. 

Read More - Top 10 Biggest Security Threats to Your Products