How to Measure the ROI of Application Security Training
We are currently in an application security dilemma that stems from growing security concerns, pressure on development teams, and a lack of structured security training.
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Developer-Tailored Secure Code Training: A New Approach from Security Journey
Security training for developers has traditionally been a one-size-fits-all experience—generic, compliance-driven, and...
New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...
Posts by Security Journey/HackEDU Team
Adopting Long Lasting AppSec Habits For 2023
The new year is traditionally a time to make resolutions and form good habits. It’s an opportunity that many of us take in both our professional and personal lives to adopt better practices and...
[datanami] Feds Boost Cyber Spending as Security Threats to Data Proliferate
Originally posted by Alex Woodie from datanami. Cybercriminals are exploiting vulnerabilities in Web applications, which are up 210% over the past few years.
Learning Science Principles in AppSec Education: Your Key to Success
Rolling out an employee training program requires commitment across the board. Stakeholders at all levels want to see a return on investment to justify the budget and time required by these programs.
[Security Journal Americas] A Look at AppSec Education for 2023
This article was written by Victoria Rees for Security Journal Americas. Amy Baker, Security Education Evangelist, Security Journey discusses the trends and challenges for the software development industry in 2023.
[Security Boulevard] Moving Beyond Security Awareness to Security Education
This article was written by Sue Poremba for Security Boulevard. While security awareness training is helpful to assist employees in recognizing threats, phishing and social engineering attacks are successful enough that it is clear that awareness training alone isn’t enough.
Are You Prepared for the Non-Malicious Insider Threat?
Software supply chain risks are a highly visible part of the cybersecurity threat landscape. From President Biden’s cybersecurity executive order to Gartner including them in its 2022 list of top...
A Look Ahead: Secure Coding Training in 2023
In the current economic climate, organizations are under increasing pressure to bring new products and services to market faster than ever. As a result, the security of those applications remains an afterthought.
[Reversing Labs] GitHub Repojacking Attack: 10 Lessons for Software Teams
This article was written by John P. Mello Jr. for Reversing Labs. Software supply chain attacks are on the rise because of their reach. Here are 10 valuable lessons from the recent GitHub namespace attack.
Your Guide to Developer Training Requirements in AppSec Compliance
Organizations that develop software know that application security is a top priority. Safeguarding customer data is critical. There are many rules, regulations, and frameworks in place to protect...
Filling the Application Security Education Gap
While we’ve seen promising steps in the right direction when it comes to application security, there is still a significant gap in secure coding knowledge across the entire software development...
Learning Swing: Measuring Knowledge Gain in Secure Coding Training Programs
A measurable increase in a learner’s knowledge after completing training is an essential component to any successful education program. Measurable knowledge gain is one way to prove your program’s effectiveness and value.