Security Journey Blog

Application Security

Dec 26, 2019

When Should I Launch a Bug Bounty Program?

Bug bounty programs - where individuals can receive recognition and compensation for reporting security vulnerabilities - are useful for organizations, especially when developing an application security program.

Read More - When Should I Launch a Bug Bounty Program?

Secure Coding Training

Dec 26, 2019

Secure Development Training Offers Innovative Approach for Fixing Vulnerable Software

30% of data breaches in 2017 took advantage of software vulnerabilities and weaknesses, costing companies on average $3.6 million per security breach. Many companies address security issues by neglecting security training or by adopting defensive-only training approaches.

Read More - Secure Development Training Offers Innovative Approach for Fixing Vulnerable Software

Secure Coding Training

Dec 24, 2019

Why is Secure Development Training Needed?

Read More - Why is Secure Development Training Needed?

Secure Coding Training News and Announcements

Dec 24, 2019

Introducing HackEDU!

The cost of security breaches are skyrocketing, bug bounty programs are getting expensive, cybersecurity professionals are difficult to find, and developers don’t want to take security training or...

Read More - Introducing HackEDU!

Security Culture

Nov 28, 2019

How to hack your security culture

This post was written by Chris Romeo during his tenure at Security Journey.

Changing security culture appears straightforward at first glance: You tell people to do things differently than before,...

Read More - How to hack your security culture

Application Security

Oct 10, 2019

How do you start in cybersecurity?

Here are five things that have impacted me in my career, and helped me to grow both as a security person and a human being.

Read More - How do you start in cybersecurity?

Research

May 3, 2019

Secure Development Lifecycle: The essential guide to safe software pipelines

This post was written by Chris Romeo during his tenure at Security Journey.

Customers demand secure products out of the box, so security should be a top priority that should be top of mind for...

Read More - Secure Development Lifecycle: The essential guide to safe software pipelines

Application Security

Mar 20, 2019

How developers can take the lead on security

This post was written by Chris Romeo during his tenure at Security Journey.

On the Internet, detection and reporting of vulnerabilities in software is a daily occurrence. Where do those...

Read More - How developers can take the lead on security

Research

Feb 24, 2019

How to put the S (for security) into your IoT development

This post was written by Chris Romeo during his tenure at Security Journey.

A joke about the Internet of Things has been shared around Twitter over the past few months; I saw it attributed to a guy...

Read More - How to put the S (for security) into your IoT development

Research

Jan 14, 2019

Why OWASP's Threat Dragon will change the game on threat modeling

This post was written by Chris Romeo during his tenure at Security Journey.

Threat modeling has always been a dream of mine. Not that I sit around and dream of threat modeling all day, but I dream...

Read More - Why OWASP's Threat Dragon will change the game on threat modeling

Research

Dec 25, 2018

The 3 most crucial security behaviors in DevSecOps

This post was written by Chris Romeo during his tenure at Security Journey.

What if I told you that you could change the security posture of your entire DevOps team without ever documenting a single...

Read More - The 3 most crucial security behaviors in DevSecOps

Research

Oct 27, 2018

A primer on secure DevOps: Why DevSecOps matters

This post was written by Chris Romeo during his tenure at Security Journey.

I’ve been in the world of security for 20-plus years, I have seen trends come and go, but I’ve never seen anything as...

Read More - A primer on secure DevOps: Why DevSecOps matters