Feeling Exhausted? The AppSec Dilemma Could Be to Blame
From the growing number of vulnerabilities to the increasing pressure to release apps quicker, security and development teams must join forces to create secure applications.
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Developer-Tailored Secure Code Training: A New Approach from Security Journey
Security training for developers has traditionally been a one-size-fits-all experience—generic, compliance-driven, and...
New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...
Learn About ‘Application Security (5)’
Bridging the Security and Development Divide
It's time to bridge the divide between security and development teams to create a more productive software development lifecycle.
Patch Tuesday: March 2023
Following March’s Patch Tuesday updates, it’s important that we don’t forget equally critical patches released earlier in the month.
What is Application Security Training?
Does your organization have application security training? Considering that 95% of data breaches last year were on web apps, now may be the time to invest in comprehensive training that can be applied to everyone within your SDLC.
What The National Cyber Strategy Means For You [2023]
The new National Cyber Strategy from the Biden administration aims to strengthen the nation's cybersecurity and protect against cyber threats. The strategy emphasizes cybersecurity more, with increased regulation, collaboration, and funding for cybersecurity initiatives.
[Dark Reading] 'New Class of Bugs' in Apple Devices Opens the Door to Complete Takeover
This article was written by Nate Nelson for Dark Reading. With the right kind of exploit, there's hardly any function, app, or bit of data an attacker couldn't access on your Mac, iPad, or iPhone.
[DEVOPS Digest] Is the Developer the Forgotten Non-Malicious Insider Threat?
This article was written by John Campbell for DEVOPS Digest. Gartner named software supply chain attacks the second biggest threat for 2022 and predicted that 45% of organizations will have experienced one or more software supply chain attacks by 2025.
International Day of Education: An Opportunity to Promote Long-Lasting Secure Coding Habits
Jan 24th has been proclaimed by the United Nations Generation Assembly as the International Day of Education, seeking to raise awareness about the need to invest in people and the importance of education.
[VMblog.com] Security Journey 2023 Predictions: A Greater Focus on Application Security
This article was originally written by Amy Baker for VMblog.com. Given the incredibly competitive and challenging economic environment, we are seeing a continuous investment across organizations into application development in the race to win market share.
Is Secure Coding Training a Better Investment Than Code Scanning Tools for Reducing Application Vulnerabilities?
A new secure coding practices study, released by EMA, reveals the implementation of ‘shift-left’ is slow, with only 25% of organizations adopting a ‘shift-left’ strategy for security.
How to Measure the ROI of Application Security Training
We are currently in an application security dilemma that stems from growing security concerns, pressure on development teams, and a lack of structured security training.