Security Journey Blog

Security Journey News

Jul 28, 2023

The AppSec Dilemma: Investing in Education Amidst Mass Tech Layoffs

This article was originally published on Solutions Review. From mass redundancies at Big Tech firms like Google, Meta, and Microsoft, to reducing teams in SMEs and small fintech startups, layoffs are impacting thousands of tech and cybersecurity workers. 

Read More - The AppSec Dilemma: Investing in Education Amidst Mass Tech Layoffs

Security Journey News

Jul 28, 2023

White House Cybersecurity Strategy Implementation Plan Released: 65 Mandatory Initiatives, Increased Public-Private Partnerships

This article was originally published on CPO Magazine. The much-anticipated implementation plan for the Biden administration’s National Cybersecurity Strategy was released late last week and a flurry of work in updating and improvement is now expected, particularly at federal civilian agencies that maintain legacy systems.

Read More - White House Cybersecurity Strategy Implementation Plan Released: 65 Mandatory Initiatives, Increased Public-Private Partnerships

Security Journey News

Jul 28, 2023

How Developers Can Work With Generative AI Securely

This article was originally written by John Campbell and published on DZone. Four tips to help the SDLC strike a balance between the improved productivity that generative AI brings and the risks it poses to code security.

Read More - How Developers Can Work With Generative AI Securely

Security Journey News

Jul 28, 2023

Security From the Start Is a Great Aspiration – But How Do We Achieve It?

This article was written by Amy Baker, Security Education Evangelist at Security Journey, for Enterprise Security Tech. In today's digital landscape, the importance of application security cannot be overstated.

Read More - Security From the Start Is a Great Aspiration – But How Do We Achieve It?

Compliance & Regulations

Jul 27, 2023

What You Need To Know About Secure Coding Training for PCI DSS v4.0 Requirements

The latest version of the Payment Card Industry Data Security Standard (PCI DSS), version 4.0, was released in March 2022. Although the requirements won't take effect until 2025, it's crucial to start preparing now. 

Read More - What You Need To Know About Secure Coding Training for PCI DSS v4.0 Requirements

Secure Coding Training

Jul 20, 2023

How to Integrate Role-Based Developer Training into Your AppSec Program

As a security awareness training program administrator, you have a lot on your plate. You're running a robust program, you are working on building a more secure culture across your organization, and now you're being asked to roll out more specific role-based training for security-critical roles such as developers.  

Read More - How to Integrate Role-Based Developer Training into Your AppSec Program

Secure Coding Training

Jul 18, 2023

Why Input Validation is Crucial for Secure Coding Training

While input validation may seem like a foundational topic for developers, it serves as the first line of defense against attacks on your system and should be prioritized within your secure coding training program. 

Read More - Why Input Validation is Crucial for Secure Coding Training

Secure Coding Training Security Culture

Jul 15, 2023

Boost Your Development Team's Secure Coding Skills with Security Journey Tournaments

In this article, we'll discuss how AppSec tournaments can help drive engagement in secure coding training and how Security Journey's tournament features can make it easier for organizations to implement them. 

Read More - Boost Your Development Team's Secure Coding Skills with Security Journey Tournaments

Security Journey News

Jul 13, 2023

Security Journey accelerated secure coding training platform enhancements to drive development team engagement and application security knowledge gain

Enhanced tournaments and over 800 lessons across more than 40 languages, frameworks, and technologies to drive up to 85% knowledge gain 

Read More - Security Journey accelerated secure coding training platform enhancements to drive development team engagement and application security knowledge gain

Security Culture Security Journey News

Jul 12, 2023

Security Journey is Enhancing its Secure Coding Training Platform for Improved Engagement and Increased Security Knowledge Gain

Our secure coding training platform has undergone significant enhancements since we merged our training platforms earlier this year. 

Read More - Security Journey is Enhancing its Secure Coding Training Platform for Improved Engagement and Increased Security Knowledge Gain

Compliance & Regulations

Jul 7, 2023

#StopRansomware: Secure Your Code

Cybersecurity and Infrastructure Security Agency (CISA) provides valuable guidance and resources to help organizations protect themselves and the public against ransomware attacks, which are on the rise worldwide. 

Read More - #StopRansomware: Secure Your Code

Secure Coding Training Security Culture

Jul 5, 2023

How To Use Implicit Gamification For AppSec Training

Gamification is more about understanding human motivations that drive us to play games to apply these techniques in other areas of life. 

Read More - How To Use Implicit Gamification For AppSec Training