How Do You Select Security Champions?
Security champions should be an integral part of your security team. When this position was first introduced five or so years ago as part of the cybersecurity structure, the security champion was...
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Developer-Tailored Secure Code Training: A New Approach from Security Journey
Security training for developers has traditionally been a one-size-fits-all experience—generic, compliance-driven, and...
New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...
Posts by Security Journey/HackEDU Team
HackEDU Partners with HackerOne to Expand Hacker101 Training
Software Developer Accountability
Many of our customers have used other secure development training in the past. One of the biggest complaints we hear is that developers just click through the slides or fast forward the videos and don’t really pay attention.
Public Vulnerability Sandboxes
HackEDU has added a new Public Vulnerabilities offering to enhance the training experience. Public vulnerabilities are sandboxes with vulnerabilities that have been disclosed in popular software products such as Drupal, Struts 2, Wordpress, etc.
HackEDU Platform Tutorial
HackEDU provides best in class interactive cybersecurity training for companies looking to train developers to code more securely and for individuals brand new to the field looking to break in. We are passionate about teaching cybersecurity and aim to lower barriers to learn security and give safe and legal environments for exploration.
Top 6 Application Security Must Dos with Limited Resources
The vast majority of application security teams are under resourced. The ideal is that application security teams will scale with development teams, but this rarely happens. Given this disadvantage,...
OWASP Top 10 Mini Series - Command Injection Cheat Sheet
Command injection is similar to SQL injection, but instead of injecting into a SQL query, you are injecting a command into the Operating System. User data can be input to alter the intent of the command that is being executed.
OWASP Top 10 Mini Series - SQL Injection
SQL Injection vulnerability allows attackers to alter database queries to take actions other than what the developer intended. This could allow an attacker to bypass authentication, steal data, alter site and database contents, or even destroy your database.
When Should I Start Secure Development Training?
I know what it is like to have competing priorities. When I was the Chief Information Security Officer at AirMap, there was a constant pressure to build product, and security was always fighting for...
HackEDU Two Time Award Winner
FinancesOnline, one of the most respected and reliable analytical review platforms on today’s B2B market, wrote a very positive HackEDU Security Development Training overview. We are happy to...
Barriers to Start Cybersecurity
The cybersecurity industry is facing a shortage of professionals, in part because of a lack of high-quality and accessible training. Cybersecurity training has several issues that make accessibility...
How Can Compliance Lead to Better Security?
Although compliance gets companies to a minimum standard (whether it is PCI-DSS, HIPAA/HITRUST, NIST 800-53, or ISO 27001), it does not necessarily guarantee security. Unfortunately, instead of...