Security Journey Blog

Security Culture Security Journey News

Feb 9, 2023

[Help Net Security] Establishing Secure Habits for Software Development in 2023

This article was written by Amy Baker for Help Net Security. As a new year commences, it’s not unusual for people to take the opportunity to adopt better practices and principles and embrace new ways of thinking in both their personal and professional lives.

Read More - [Help Net Security] Establishing Secure Habits for Software Development in 2023

Secure Coding Training Research

Feb 8, 2023

How Code Scanning Tools Are Letting You Down

Do you rely on code scanning tools to ensure your code is secure? Or do you combine code scanning tools with code reviews and secure code training? Recent research shows that code scanning tools alone may not be enough to protect against vulnerabilities.  

Read More - How Code Scanning Tools Are Letting You Down

Secure Coding Training Research

Feb 2, 2023

Secure Code Training vs. Code Scanning Tools

According to the EMA research, 69.3% of organizations have SDLCs (Software Development Lifecycle) that miss critical security steps. With a growing number of vulnerabilities, organizations are looking into how they can secure their SDLC.  

Read More - Secure Code Training vs. Code Scanning Tools

News and Announcements

Jan 31, 2023

Security Journey Announces Unified Education Platform for Enhanced AppSec Training

The most adopted secure coding training solution helps companies satisfy regulatory requirements such as PCI and supports the White House Executive Order on cybersecurity. 

Read More - Security Journey Announces Unified Education Platform for Enhanced AppSec Training

Application Security Security Journey News

Jan 30, 2023

[DEVOPS Digest] Is the Developer the Forgotten Non-Malicious Insider Threat?

This article was written by John Campbell for DEVOPS Digest. Gartner named software supply chain attacks the second biggest threat for 2022 and predicted that 45% of organizations will have experienced one or more software supply chain attacks by 2025.

Read More - [DEVOPS Digest] Is the Developer the Forgotten Non-Malicious Insider Threat?

Application Security Security Culture

Jan 24, 2023

International Day of Education: An Opportunity to Promote Long-Lasting Secure Coding Habits

Jan 24^th has been proclaimed by the United Nations Generation Assembly as the International Day of Education, seeking to raise awareness about the need to invest in people and the importance of education.

Read More - International Day of Education: An Opportunity to Promote Long-Lasting Secure Coding Habits

Secure Coding Training Security Journey News

Jan 23, 2023

[Help Net Security] Trained Developers Get Rid Of More Vulnerabilities Than Code Scanning Tools

This article was originally written for Help Net Security. Researchers also found that as many as 70% of organizations are missing critical security steps in their software development lifecycle (SDLC), highlighting a struggle with a ‘shift-left’ approach.

Read More - [Help Net Security] Trained Developers Get Rid Of More Vulnerabilities Than Code Scanning Tools

Application Security Security Journey News

Jan 20, 2023

[VMblog.com] Security Journey 2023 Predictions: A Greater Focus on Application Security

This article was originally written by Amy Baker for VMblog.com. Given the incredibly competitive and challenging economic environment, we are seeing a continuous investment across organizations into application development in the race to win market share.

Read More - [VMblog.com] Security Journey 2023 Predictions: A Greater Focus on Application Security

Application Security Research

Jan 19, 2023

Is Secure Coding Training a Better Investment Than Code Scanning Tools for Reducing Application Vulnerabilities?

A new secure coding practices study, released by EMA, reveals the implementation of ‘shift-left’ is slow, with only 25% of organizations adopting a ‘shift-left’ strategy for security.

Read More - Is Secure Coding Training a Better Investment Than Code Scanning Tools for Reducing Application Vulnerabilities?

Application Security

Jan 12, 2023

How to Measure the ROI of Application Security Training

We are currently in an application security dilemma that stems from growing security concerns, pressure on development teams, and a lack of structured security training.  

Read More - How to Measure the ROI of Application Security Training

Application Security Research

Jan 10, 2023

Adopting Long Lasting AppSec Habits For 2023

The new year is traditionally a time to make resolutions and form good habits. It’s an opportunity that many of us take in both our professional and personal lives to adopt better practices and...

Read More - Adopting Long Lasting AppSec Habits For 2023

Compliance & Regulations Security Journey News

Jan 5, 2023

[datanami] Feds Boost Cyber Spending as Security Threats to Data Proliferate

Originally posted by Alex Woodie from datanami. Cybercriminals are exploiting vulnerabilities in Web applications, which are up 210% over the past few years.

Read More - [datanami] Feds Boost Cyber Spending as Security Threats to Data Proliferate