Security Journey Strengthens Developer Secure Code Training with Knowledge Assessments, Developer Profiles, and Expanded AI/LLM and CWE Top 25 Lessons
New Developer Profile and Developer Security Knowledge Assessments Deliver Personalized, Actionable Training While AI/LLM and CWE Top 25 Content Keep Developers Ahead of Emerging and Persistent Threats.
CHARLOTTE, N.C., March 12, 2025 /PRNewswire/ -- Security Journey, a leader in developer-focused application security education, is redefining secure code training with the developer in mind. With the introduction of the Developer Profile and Developer Security Knowledge Assessments, organizations can now provide training that directly addresses each developer's unique learning needs, strengthening security knowledge where it matters most. Additionally, new and updated content on AI/LLM security risks and the CWE Top 25 software weaknesses ensures developers are equipped with the latest insights to tackle both emerging and persistent security threats.
These updates come at a pivotal time, as the growing complexity of software development demands a stronger emphasis on proactive security measures. The Cybersecurity and Infrastructure Security Agency (CISA) continues to stress the importance of 'Secure by Design' practices, urging organizations to integrate security at every stage of software development.
Assessing and Strengthening Developer Security Knowledge
The Developer Security Knowledge Assessment allows organizations to benchmark, track, and enhance developer security expertise with targeted insights. By evaluating proficiency across key security categories, it ensures that training is customized to each developer's needs, helping organizations build stronger, more security-conscious teams.
Key features include:
-- Comprehensive Testing Across Multiple Categories - Assesses not only
secure coding but also secure development processes and core security
principles.
-- Interactive, Code-Based Challenges - Includes multiple-choice questions
that require developers to analyze actual code, identifying
vulnerabilities or selecting the correct security fixes.
-- Tailored Use Cases - Helps organizations create personalized development
plans based on assessment results.
-- Broad Programming Language Support - Available in Java, JavaScript,
Python, C#, C++, and pseudocode, with additional languages to be added
soon.
-- Actionable Analytics - Offers detailed insights that help organizations
refine training approaches and track developer progress over time.
Personalized Developer Training with Developer Profile
The new Developer Profile feature enhances training customization by capturing each developer's background, experience, and preferred programming languages. By documenting job roles, architectural tools, and security knowledge, organizations can deliver content that aligns with each developer's role and technical expertise--ensuring training is not just relevant but highly effective.
Tackling Modern Security Challenges: AI/LLM Secure Coding Content Updates
AI and large language models (LLMs) introduce new security risks, and developers must be prepared to navigate them. Security Journey has updated its training platform to address the security risks posed by AI and LLMs. New modules align with the 2025 OWASP Top 10 for LLM applications, focusing on AI-driven vulnerabilities and best practices for securely integrating LLMs into software development. These updates help developers understand and mitigate risks unique to AI-powered applications, ensuring secure integration of emerging technologies.
The new AI/LLM modules include hands-on courses such as:
Prompt Injection
Sensitive Information Disclosure
Supply Chain Vulnerabilities
Training Data Poisoning
Improper Output Handling
Excessive Agency: Human in the Loop
Excessive Agency: Prompt Security
Excessive Agency: Insecure Plugin Design
Prompt Leakage
Vector and Embedding Weakness
Misinformation
Unbound Consumption
And more, including: Secure Development Leveraging LLM's, LLM Enterprise Security, Governance for AI/LLM Systems, and AI/LLM Security Toolchain.
CWE Top 25 Video Series: Learning from Industry Experts
The newly launched CWE Top 25 Video Series offers expert-led training on the most critical software vulnerabilities in the industry. This series helps developers identify and prevent high-risk security flaws, while aligning with industry best practices and compliance frameworks to ensure secure coding standards.
Building a Developer-First Security Culture
Dan Newton, CEO at Security Journey, emphasizes the company's commitment to developer empowerment:
"Our goal is to make security a seamless part of a developer's journey. With these enhancements, organizations can provide personalized, engaging training that directly improves developers' ability to build secure applications. By focusing on the developer's experience, we're ensuring that security is not just a compliance checkbox but a fundamental part of the software development process."
For more information about Security Journey's latest features and training content, visit www.securityjourney.com
About Security Journey
Security Journey provides industry-leading secure coding training designed for developers. Through engaging, hands-on learning experiences, we empower development teams with the skills and knowledge to write secure code and create more resilient software.
SOURCE Security Journey
