Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Featured Articles
Don't Fall for the Hacker Genius: Secure Coding is About Diligence, Not Brilliance
What You Need To Know About Secure Coding Training for PCI DSS v4.0 Requirements
Introducing HackEDU!
The costs of security breaches are skyrocketing, bug bounty programs are getting expensive, cybersecurity professionals are difficult to find, and developers don’t want to take security training or...
How to hack your security culture
This post was written by Chris Romeo during his tenure at Security Journey.
Changing security culture appears straightforward at first glance: You tell people to do things differently than before,...
How do you start in cybersecurity?
Here are five things that have impacted me in my career, and helped me to grow both as a security person and a human being.
Secure Development Lifecycle: The essential guide to safe software pipelines
This post was written by Chris Romeo during his tenure at Security Journey.
Customers demand secure products out of the box, so security should be a top priority that should be top of mind for...
How developers can take the lead on security
This post was written by Chris Romeo during his tenure at Security Journey.
On the Internet, detection and reporting of vulnerabilities in software is a daily occurrence. Where do those...
How to put the S (for security) into your IoT development
This post was written by Chris Romeo during his tenure at Security Journey.
A joke about the Internet of Things has been shared around Twitter over the past few months; I saw it attributed to a guy...
Why OWASP's Threat Dragon will change the game on threat modeling
This post was written by Chris Romeo during his tenure at Security Journey.
Threat modeling has always been a dream of mine. Not that I sit around and dream of threat modeling all day, but I dream...
The 3 most crucial security behaviors in DevSecOps
This post was written by Chris Romeo during his tenure at Security Journey.
What if I told you that you could change the security posture of your entire DevOps team without ever documenting a single...
A primer on secure DevOps: Why DevSecOps matters
This post was written by Chris Romeo during his tenure at Security Journey.
I’ve been in the world of security for 20-plus years. I have seen trends come and go, but I’ve never seen anything as...
4 ways to engage developers who couldn't care less about security
This post was written by Chris Romeo during his tenure at Security Journey.
You would think that there is not a single developer on earth who has avoided the impact of a data breach or security...
Information security needs community: 6 ways to build up your teams
This post was written by Chris Romeo during his tenure at Security Journey.
Every application security and SecOps organization needs to connect people under the banner of security. The security of...