Security Coaches
NOTE: This article is written based on a conversation on the Application Security Podcast with Matt McGrath, called “Security Coaches."
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Empower Your Developers, Secure Your APIs: Free OWASP Top 10 Training
The digital world thrives on APIs, the connectors that power seamless interactions between applications and services....
What You Need To Know About Secure Coding Training for PCI DSS v4.0 Requirements
The latest version of the Payment Card Industry Data Security Standard (PCI DSS), version 4.0, was released in March 2022. Although the requirements won't take effect until 2025, it's crucial to start preparing now.
Read More
Posts by Security Journey/HackEDU Team
Threat modeling: Better Caught Than Taught
Everyone wants their engineering staff to be better at threat modeling. Security teams desire a world where developers practice a threat modeling mindset. A threat modeling mindset is where threat...
HackEDU Customer Case Study
Developers Find & Fix 5.6x More Vulnerabilities with HackEDU's Training: HackEDU Case Study.
OWASP API Security Top 10: Get Your Dev Team Up to Speed
This post was written by Chris Romeo during his tenure at Security Journey.
Marc Andreessen famously stated in 2011 that “software is eating the world.” Now, in 2019, application programming...
A Security Practitioner's Guide to Software Obsolescence
This post was written by Chris Romeo during his tenure at Security Journey.
Unlike wine and cheese, software does not get better with age—in fact, its security strength decreases over time. This is...
How to do Application Security on a Budget
This post was written by Chris Romeo during his tenure at Security Journey.
As a bit of a thought experiment, I asked myself, “What if I had to develop an application security program with a budget...
A Trusted Insider's Buyers Guide to SCA
This series was born from an interview on the Application Security Podcast, season 5, episode 18. On this episode, Chris and Robert interviewed Steve Springett about the world of the secure supply...
Tips for Application Security Program Building
This article was born from an interview on the Application Security Podcast, season 5, episode 19 between Brook Schoenfeld and Chris Romeo / Robert Hurlbut. We began the conversation talking about...
Software Supply Chain Risk and SCA -- Part One
This series was born from an interview on the Application Security Podcast, season 5, episode 18. Chris and Robert interviewed Steve Springett about the world of the secure supply chain. In part...
SAST vs DAST vs IAST
In the last twenty years, software applications have changed the way we work or do business. Software and in particular web applications store and handle increasingly more sensitive data. According...
How to Run an Effective Application Security Program Remotely
The good news is that running an effective application security program remotely is no different than running it in the office. However, the reality is that most companies are not at the point of...
HackEDU Launches Coding Challenges And Secure Coding Assessments
Coding Challenges are hands-on labs where software developers practice finding and fixing vulnerabilities in software. Developers have to both find the vulnerability and then securely write code in order to pass the challenge.