Security Journey Blog

Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.

Stay Up-to-Date on all Security Journey news and events.

Featured Articles

Secure Coding Training

Don't Fall for the Hacker Genius: Secure Coding is About Diligence, Not Brilliance

Many believe only brilliant minds can write secure code, but secure coding is primarily about discipline and understanding vulnerabilities. The most significant data breaches in history stemmed from preventable coding errors rather than genius hacking.

Compliance & Regulations

What You Need To Know About Secure Coding Training for PCI DSS v4.0 Requirements

The latest version of the Payment Card Industry Data Security Standard (PCI DSS), version 4.0, was released in March 2022. Although the requirements won't take effect until 2025, it's crucial to start preparing now.

Topics

News and Announcements

Sep 16, 2021

We Made Some Major Improvements To Our Training

We constantly strive to improve our secure coding training platform, and as part of that effort, we pay close attention to the feedback that everyone who uses our product provides us.

Secure Coding Training Application Security

Sep 9, 2021

What is the S-SDLC or Secure SDLC?

There was a point in time when the only thing that mattered when it came to software development was that functional software was deployed in the stipulated time.

Research

Sep 8, 2021

A Developer's Guide to Attacker Motivation in the Supply Chain

This post was written by Chris Romeo during his tenure at Security Journey. This article was originally appeared on TechBeacon.com on August 16, 2021. You can access it here.

Application Security

Aug 19, 2021

What is Threat Modeling? (Practical Guide + Threat Modeling Template)

Threat Modeling is the process of identifying risks to a system. This includes defining potential threats, identifying issues that could arise from these threats, and developing mitigation strategies.

Research

Aug 5, 2021

Why Cybersecurity Pros Need to Learn How to Code

This article was originally appeared on at TechBeacon.com on July 6, 2021. You can access it here.

Secure Coding Training Application Security

Aug 4, 2021

Finding Vulnerabilities: Differences among Vulnerability Scanning, Pen Testing, Bug Bounty, Red Team and Purple Team Compared

When designing systems to be impervious to outside activity, you should always aim to be at least two steps ahead of your adversaries. Whatever it is that you want to protect, whether it’s a physical...

Secure Coding Training Application Security News and Announcements

Jul 30, 2021

What Are Git Hooks?

Hooks are scripts that run at different steps during the commit process. They are completely customizable and will trigger events at key points during the development life cycle. Some examples of...

Secure Coding Training Security Culture

Jul 26, 2021

What is a Capture The Flag Event, and How Does It Benefit Developers?

A Capture the Flag event, or CTF for short, is a gamified exercise designed to test cybersecurity skills. The goal of the game, much like in the live-action, outdoor game many of us remember from childhood, is to get the highest score by capturing the most flags.

Application Security Security Culture

Jul 8, 2021

How Security Champions Help Improve Application Security

Application security is a major concern for many organizations. In 2020, over 23,000 new vulnerabilities were discovered and publicly reported in production applications. On average, a codebase ...

Research

Jul 8, 2021

TypeScript Doesn't Suck; You Just Don't Care About Security

The introduction of TypeScript elicited a divided reaction from the JavaScript community. Some liked the new superset, which added static and strong typing. Many hate it with a burning passion from...

Application Security

Jul 1, 2021

Why developers dislike security—and what you can do about it

This post was written by Chris Romeo during his tenure at Security Journey. This article originally appeared on TechBeacon.com on May 18, 2021. You can access it here.

Secure Coding Training Application Security

Jun 21, 2021

What Are Bug Bounty Programs, And Why Are They Becoming So Popular?

Some organizations run bug bounty programs as a way to identify and fix vulnerabilities within their production applications. A bug bounty program gives ethical hackers permission to test if an...

Security Journey Blog

Stay Up-to-Date on all Security Journey news and events.

Featured Articles

Don't Fall for the Hacker Genius: Secure Coding is About Diligence, Not Brilliance

What You Need To Know About Secure Coding Training for PCI DSS v4.0 Requirements

We Made Some Major Improvements To Our Training

What is the S-SDLC or Secure SDLC?

A Developer's Guide to Attacker Motivation in the Supply Chain

What is Threat Modeling? (Practical Guide + Threat Modeling Template)

Why Cybersecurity Pros Need to Learn How to Code

Finding Vulnerabilities: Differences among Vulnerability Scanning, Pen Testing, Bug Bounty, Red Team and Purple Team Compared

What Are Git Hooks?

What is a Capture The Flag Event, and How Does It Benefit Developers?

How Security Champions Help Improve Application Security

TypeScript Doesn't Suck; You Just Don't Care About Security

Why developers dislike security—and what you can do about it

What Are Bug Bounty Programs, And Why Are They Becoming So Popular?

Contact Us

Contact Us

Contact Us