Security Journey Blog

Research

Oct 4, 2021

Making Sense of OWASP A08:2021 – Software & Data Integrity Failures

New OWASP 2021 Top Ten List includes new categories. This time around, the list item number A08, Software and Data Integrity Failures, offers insight into the changing nature of application security...

Read More - Making Sense of OWASP A08:2021 – Software & Data Integrity Failures

Sep 30, 2021

OWASP Top 10 2021 List - What’s New and What Should You Do to Respond?

As you may already know, the OWASP Top 10 is an awareness document that helps developers learn about common software security issues and the corresponding remediations.

Read More - OWASP Top 10 2021 List - What’s New and What Should You Do to Respond?

Secure Coding Training Application Security

Sep 23, 2021

How do you Practice Secure Coding?

Developers are the foundation of an organization’s digital strategy, building the products and services that drive revenue and help their company to operate more efficiently.

Read More - How do you Practice Secure Coding?

News and Announcements

Sep 16, 2021

We Made Some Major Improvements To Our Training

We constantly strive to improve our secure coding training platform, and as part of that effort, we pay close attention to the feedback that everyone who uses our product provides us.

Read More - We Made Some Major Improvements To Our Training

Secure Coding Training Application Security

Sep 9, 2021

What is the S-SDLC or Secure SDLC?

There was a point in time when the only thing that mattered when it came to software development was that functional software was deployed in the stipulated time.

Read More - What is the S-SDLC or Secure SDLC?

Research

Sep 8, 2021

A Developer's Guide to Attacker Motivation in the Supply Chain

This post was written by Chris Romeo during his tenure at Security Journey. This article was originally appeared on TechBeacon.com on August 16, 2021. You can access it here.

Read More - A Developer's Guide to Attacker Motivation in the Supply Chain

Application Security

Aug 19, 2021

What is Threat Modeling? (Practical Guide + Threat Modeling Template)

Threat Modeling is the process of identifying risks to a system. This includes defining potential threats, identifying issues that could arise from these threats, and developing mitigation strategies. 

Read More - What is Threat Modeling? (Practical Guide + Threat Modeling Template)

Research

Aug 5, 2021

Why Cybersecurity Pros Need to Learn How to Code

This article was originally appeared on at TechBeacon.com on July 6, 2021. You can access it here.

Read More - Why Cybersecurity Pros Need to Learn How to Code

Secure Coding Training Application Security

Aug 4, 2021

Finding Vulnerabilities:  Differences among Vulnerability Scanning, Pen Testing, Bug Bounty, Red Team and Purple Team Compared

When designing systems to be impervious to outside activity, you should always aim to be at least two steps ahead of your adversaries. Whatever it is that you want to protect, whether it’s a physical...

Read More - Finding Vulnerabilities:  Differences among Vulnerability Scanning, Pen Testing, Bug Bounty, Red Team and Purple Team Compared

Secure Coding Training Application Security News and Announcements

Jul 30, 2021

What Are Git Hooks?

Hooks are scripts that run at different steps during the commit process. They are completely customizable and will trigger events at key points during the development life cycle. Some examples of...

Read More - What Are Git Hooks?

Secure Coding Training Security Culture

Jul 26, 2021

What is a Capture The Flag Event, and How Does It Benefit Developers?

A Capture the Flag event, or CTF for short, is a gamified exercise designed to test cybersecurity skills. The goal of the game, much like in the live-action, outdoor game many of us remember from childhood, is to get the highest score by capturing the most flags. 

Read More - What is a Capture The Flag Event, and How Does It Benefit Developers?

Application Security Security Culture

Jul 8, 2021

How Security Champions Help Improve Application Security

Application security is a major concern for many organizations.  In 2020, over 23,000 new vulnerabilities were discovered and publicly reported in production applications.  On average, a codebase ...

Read More - How Security Champions Help Improve Application Security