Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Developer-Tailored Secure Code Training: A New Approach from Security Journey
Security training for developers has traditionally been a one-size-fits-all experience—generic, compliance-driven, and...
New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...
AI Security: Insights from the Security Journey Content Team
The rise of AI brings incredible opportunities, but also unprecedented security challenges. At Security Journey, we believe security is not a mere checklist, but an ongoing journey.
How to Evaluate Developer Engagement and Learning in Secure Code Training
Security is a critical aspect of software development, and secure coding practices help mitigate vulnerabilities before they become costly breaches. However, simply implementing a secure code...
10 Professional Developers on the True Promise and Peril of Vibe Coding
THIS ARTICLE WAS WRITTEN BY DAVID GEWIRTZ FOR ZDNET.COM.
Is vibe coding the future of software or a security nightmare in disguise? Here's how experienced developers are responding to the latest...
Developer-Tailored Secure Code Training: A New Approach from Security Journey
Security training for developers has traditionally been a one-size-fits-all experience—generic, compliance-driven, and often irrelevant to a developer’s actual work. At Security Journey, we recognize...
Leveraging CWEs in Secure Code Training
We are currently in an application security dilemma that costs organizations millions of dollars annually.
Empower Developers to Preserve Human Agency in Today’s World of Automation
Nearly everything we use is built on code, from cars to smart fridges to doorbells. In businesses, countless applications keep devices, workflows, and operations running.
New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing security vulnerabilities. This week, we’re excited to announce the release of ...
Server-Side Request Forgery Attacks: What Devs Need to Know
We'll explore the reasons for PCI-DSS's existence, the consequences of non-compliance, and how adhering to these standards benefits both your business and your customers.
Unlocking Developer Potential: Why Developer Security Knowledge Assessments Are Critical for Your Organization
In the interconnected landscape of APIs, robust security is non-negotiable to prevent devastating consequences such as data breaches, financial losses, and reputational damage.
From Disruption to Integration: Rethinking Just-in-Time Security Training
In the interconnected landscape of APIs, robust security is non-negotiable to prevent devastating consequences such as data breaches, financial losses, and reputational damage.
Understanding Denial of Service (DoS) Attacks: A Comprehensive Guide
We'll explore the reasons for PCI-DSS's existence, the consequences of non-compliance, and how adhering to these standards benefits both your business and your customers.