Secure Software Development Defined
Software development follows what is called a Software Development Lifecycle, or S D L C. It is a process used for developing software.
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Developer-Tailored Secure Code Training: A New Approach from Security Journey
Security training for developers has traditionally been a one-size-fits-all experience—generic, compliance-driven, and...
New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...
Why You Need a Vulnerability Disclosure Response Plan & How to Develop One
Most companies have an Incident Response Plan these days.
Common Federated Identity Protocols: OpenID Connect vs OAuth vs SAML 2
When it comes to federated identity there are three major protocols used by companies: OAuth 2, OpenID Connect, and SAML.
DevSecOps Best Practices
You’ve decided to integrate DevSecOps into your software development operations. That’s an important first step to improving your product’s overall security by including it into the development...
What Is DevSecOps?
DevOps, that combination of software development and IT operations, is designed to improve the development life cycle, getting software to market quicker and improve overall deployment.
What is PCI Compliance?
If your organization accepts credit card payments, you should be familiar with PCI DSS compliance. No matter your company size -- or how many credit card transactions you process - you are required...
What Are Security Champion Responsibilities?
Your company has decided to add security champions to improve your overall security postures, and you’ve chosen great candidates to take on this role.
Drupalgeddon2 (CVE-2018-7600) Vulnerability
Drupal is the second most popular Content Management System (CMS) in the world. According to BuiltWith, more than 637,360 websites currently use Drupal.
Apache Struts 2 Namespace (CVE-2018-11776) Vulnerability
On 22 August 2018, a Semmle security researcher disclosed a critical vulnerability affecting the versions
2.3 to 2.3.34 and 2.5 to 2.5.16 of Apache Struts 2, one of the most used Java-based web application frameworks.
How Do You Select Security Champions?
Security champions should be an integral part of your security team. When this position was first introduced five or so years ago as part of the cybersecurity structure, the security champion was...
HackEDU Partners with HackerOne to Expand Hacker101 Training
Software Developer Accountability
Many of our customers have used other secure development training in the past. One of the biggest complaints we hear is that developers just click through the slides or fast forward the videos and don’t really pay attention.