Security Journey Blog

Secure Coding Training

Jan 4, 2023

Learning Science Principles in AppSec Education: Your Key to Success

Rolling out an employee training program requires commitment across the board. Stakeholders at all levels want to see a return on investment to justify the budget and time required by these programs. 

Read More - Learning Science Principles in AppSec Education: Your Key to Success

Security Culture Security Journey News

Dec 22, 2022

[Security Journal Americas] A Look at AppSec Education for 2023

This article was written by Victoria Rees for Security Journal Americas. Amy Baker, Security Education Evangelist, Security Journey discusses the trends and challenges for the software development industry in 2023.

Read More - [Security Journal Americas] A Look at AppSec Education for 2023

Security Culture Security Journey News

Dec 19, 2022

[Security Boulevard] Moving Beyond Security Awareness to Security Education

This article was written by Sue Poremba for Security Boulevard. While security awareness training is helpful to assist employees in recognizing threats, phishing and social engineering attacks are successful enough that it is clear that awareness training alone isn’t enough.

Read More - [Security Boulevard] Moving Beyond Security Awareness to Security Education

Application Security

Dec 9, 2022

Are You Prepared for the Non-Malicious Insider Threat?

Software supply chain risks are a highly visible part of the cybersecurity threat landscape. From President Biden’s cybersecurity executive order to Gartner including them in its 2022 list of top...

Read More - Are You Prepared for the Non-Malicious Insider Threat?

Secure Coding Training

Nov 29, 2022

A Look Ahead: Secure Coding Training in 2023

In the current economic climate, organizations are under increasing pressure to bring new products and services to market faster than ever. As a result, the security of those applications remains an afterthought.

Read More - A Look Ahead: Secure Coding Training in 2023

Application Security Security Journey News

Nov 23, 2022

[Reversing Labs] GitHub Repojacking Attack: 10 Lessons for Software Teams

This article was written by John P. Mello Jr. for Reversing Labs. Software supply chain attacks are on the rise because of their reach. Here are 10 valuable lessons from the recent GitHub namespace attack.

Read More - [Reversing Labs] GitHub Repojacking Attack: 10 Lessons for Software Teams

Compliance & Regulations

Nov 21, 2022

Your Guide to Developer Training Requirements in AppSec Compliance

Organizations that develop software know that application security is a top priority. Safeguarding customer data is critical. There are many rules, regulations, and frameworks in place to protect...

Read More - Your Guide to Developer Training Requirements in AppSec Compliance

Application Security

Nov 3, 2022

Filling the Application Security Education Gap

While we’ve seen promising steps in the right direction when it comes to application security, there is still a significant gap in secure coding knowledge across the entire software development...

Read More - Filling the Application Security Education Gap

Application Security

Nov 2, 2022

Learning Swing: Measuring Knowledge Gain in Secure Coding Training Programs

A measurable increase in a learner’s knowledge after completing training is an essential component to any successful education program. Measurable knowledge gain is one way to prove your program’s effectiveness and value. 

Read More - Learning Swing: Measuring Knowledge Gain in Secure Coding Training Programs

Security Culture Security Journey News

Oct 31, 2022

[Dark Reading] Does Security Have to Get Worse Before It Gets Better?

This article was written by Amy Baker for Dark Reading. How to solve the software vulnerability problem across the entire SDLC.

Read More - [Dark Reading] Does Security Have to Get Worse Before It Gets Better?

Security Culture Security Journey News

Oct 25, 2022

[Dark Reading] Security Leaders are Calling for Industry to Take Action and Programmatically Improve Secure Coding Education

This article was posted on Dark Reading. Currently, none of the top 50 undergraduate computer science programs in the U.S. require a course in code or application security.

Read More - [Dark Reading] Security Leaders are Calling for Industry to Take Action and Programmatically Improve Secure Coding Education

Application Security

Oct 7, 2022

Beyond Security Awareness: Safer Apps through Education

The past decade has seen security awareness go from a new concept to a security strategy embedded in most organizations.  Several regulations recommend security training but do so in very broad terms.

Read More - Beyond Security Awareness: Safer Apps through Education