Fortifying the Castle: A Quest to Secure the SDLC
Every business is a software business today. But as the pressure to churn out new applications and features grows, so do the chances of developers making mistakes.
Security Journey Blog
Here you’ll find the latest news, information, and trends in application security and compliance, plus tips and strategies for writing safer code and building a security culture.
Stay Up-to-Date on all Security Journey news and events.
Featured Articles
Developer-Tailored Secure Code Training: A New Approach from Security Journey
Security training for developers has traditionally been a one-size-fits-all experience—generic, compliance-driven, and...
New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25
At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing...
Learn About ‘Diligent Developer’
Free Security Awareness and Education Program for Cybersecurity Awareness Month
Security Journey’s Diligent Developer Program champions hands-on training in breaking and fixing code to provide the skills development teams need to code securely.
OWASP Top 10 Server-Side Request Forgery Explained
This article will review Server-Side Request Forgery, commonly known as SSRF, and how you can protect against SSRF attacks.
Security Journey launches “The Diligent Developer” Limited Time Free Security Education Program
The Diligent Developer program provides product access and resources on OWASP Top 10 in support of National Coding Week.
OWASP Top 10 Software and Integrity Failures Explained
This article will review what Software and Integrity Failures are and provide recommendations for protecting against them.
OWASP Top 10 Security Logging and Monitoring Failures Explained
In this article, we will review what Security Logging and Monitoring Failures are and provide recommendations for protecting against them.
OWASP Top 10 Identification and Authentication Failures
In this article, we will concentrate on Identification and Authentication Failures and provide recommendations for protecting against them.
OWASP Top 10 Vulnerable and Outdated Components Explained
In this article, we will concentrate on Vulnerable and Outdated Components, provide recommendations on how to prevent the exploitation of your software, and dive into how The Diligent Developer Chronicles is a great training tool for your development team.
OWASP Top 10 Security Misconfiguration Explained
In this article, we will concentrate on Security Misconfiguration, provide recommendations on how to avoid it in your code, and break down how The Diligent Developer Chronicles is a great training tool for your development team.
OWASP Top 10 Insecure Design Explained
In this article, we will concentrate on Insecure Design and provide recommendations on how to avoid it in your code. We also suggest The Diligent Developer Chronicles as a great training tool for your development team.
OWASP Top 10 Injection Attacks Explained
In this article, we will focus on Injection Attacks and advise how to prevent them in your code. We also recommend The Diligent Developer Chronicles as a helpful training resource for your development team.
OWASP Top 10 Cryptographic Failures Explained
In this article, we will focus on Cryptographic Failures and advise how to prevent them in your code. We also recommend The Diligent Developer Chronicles as a helpful training resource for your development team.