Security Journey Blog

Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.

Stay Up-to-Date on all Security Journey news and events.

Featured Articles

Secure Coding Training

Don't Fall for the Hacker Genius: Secure Coding is About Diligence, Not Brilliance

Many believe only brilliant minds can write secure code, but secure coding is primarily about discipline and understanding vulnerabilities. The most significant data breaches in history stemmed from preventable coding errors rather than genius hacking.

Compliance & Regulations

What You Need To Know About Secure Coding Training for PCI DSS v4.0 Requirements

The latest version of the Payment Card Industry Data Security Standard (PCI DSS), version 4.0, was released in March 2022. Although the requirements won't take effect until 2025, it's crucial to start preparing now.

Topics

Learn About ‘Application Security (8)’

Application Security Compliance & Regulations

Jan 27, 2020

How to Go Beyond PCI Compliance to Secure Your Organization: Requirements 1-3

In the first post of this series, we discussed the Payment Card Industry Data Security Standard (PCI DSS), why it is important, and what the consequences are of being non-compliant. We also explained...

Application Security Compliance & Regulations

Jan 20, 2020

How to Go Beyond PCI Compliance Requirements to Secure Your Organization: Introduction

In 2000, the number of websites skyrocketed to 17 million, with more than 400 million internet users. Shortly after, a growing number of online stores came online, eager to capitalize on the...

Application Security

Dec 27, 2019

Same-Origin Policy And Cross-Origin Resource Sharing (CORS)

Modern web browsers provide many built-in security mechanisms to defend against attackers.

Secure Coding Training Application Security

Dec 27, 2019

Secure Software Development Defined

Software development follows what is called a Software Development Lifecycle, or S D L C. It is a process used for developing software.

Secure Coding Training Application Security

Dec 27, 2019

Why You Need a Vulnerability Disclosure Response Plan & How to Develop One

Most companies have an Incident Response Plan these days.

Secure Coding Training Application Security

Dec 27, 2019

Common Federated Identity Protocols: OpenID Connect vs OAuth vs SAML 2

When it comes to federated identity there are three major protocols used by companies: OAuth 2, OpenID Connect, and SAML.

Application Security

Dec 27, 2019

DevSecOps Best Practices

You’ve decided to integrate DevSecOps into your software development operations. That’s an important first step to improving your product’s overall security by including it into the development...

Application Security

Dec 26, 2019

What Is DevSecOps?

DevOps, that combination of software development and IT operations, is designed to improve the development life cycle, getting software to market quicker and improve overall deployment.

Application Security Security Culture

Dec 26, 2019

What Are Security Champion Responsibilities?

Your company has decided to add security champions to improve your overall security postures, and you’ve chosen great candidates to take on this role.

Secure Coding Training Application Security

Dec 26, 2019

Apache Struts 2 Namespace (CVE-2018-11776) Vulnerability

On 22 August 2018, a Semmle security researcher disclosed a critical vulnerability affecting the versions 2.3 to 2.3.34 and 2.5 to 2.5.16 of Apache Struts 2, one of the most used Java-based web application frameworks.

Application Security Security Culture

Dec 26, 2019

How Do You Select Security Champions?

Security champions should be an integral part of your security team. When this position was first introduced five or so years ago as part of the cybersecurity structure, the security champion was...

Secure Coding Training Application Security

Dec 26, 2019

Top 6 Application Security Must Dos with Limited Resources

The vast majority of application security teams are under resourced. The ideal is that application security teams will scale with development teams, but this rarely happens. Given this disadvantage,...

Security Journey Blog

Stay Up-to-Date on all Security Journey news and events.

Featured Articles

Don't Fall for the Hacker Genius: Secure Coding is About Diligence, Not Brilliance

What You Need To Know About Secure Coding Training for PCI DSS v4.0 Requirements

Learn About ‘Application Security (8)’

How to Go Beyond PCI Compliance to Secure Your Organization: Requirements 1-3

How to Go Beyond PCI Compliance Requirements to Secure Your Organization: Introduction

Same-Origin Policy And Cross-Origin Resource Sharing (CORS)

Secure Software Development Defined

Why You Need a Vulnerability Disclosure Response Plan & How to Develop One

Common Federated Identity Protocols: OpenID Connect vs OAuth vs SAML 2

DevSecOps Best Practices

What Is DevSecOps?

What Are Security Champion Responsibilities?

Apache Struts 2 Namespace (CVE-2018-11776) Vulnerability

How Do You Select Security Champions?

Top 6 Application Security Must Dos with Limited Resources

Contact Us

Contact Us

Contact Us