
The Security State of WordPress’ Top 50 Plugins

In June 2013, Checkmarx’s research labs ran multiple security scans against the source code of the most popular WordPress plugins. The result? More than 20% of the 50 most popular WordPress plugins are vulnerable to common Web attacks, such as SQL Injection. In total, 8 million vulnerable WordPress plugins were downloaded. This report presents the


The AppSec How-to: Choosing a SAST Tool

Given the wide range of Source Code Analysis (SCA) tools available in the market today, security professionals, auditors and developers alike are faced with some difficult questions before picking the right tool for them. The main question is: how to assess a Static Analysis Security Testing (SAST) tool for deployment? Choosing the right tool requires different considerations during each


Mobile Application Security (Android/iOS)

Mobile application security for Android and iOS is a field which doesn’t always receive the attention it deserves. Software development teams have been scaling up their mobile application development over the last decade as smartphones have become more affordable and mobile bandwidth (and Wi-Fi) access has improved. It has been estimated that nearly 1 billion


DevOps Security

Research from the Gartner Group has demonstrated that nearly 75% of successful attacks made against an application exploit vulnerabilities which are already well understood, and for which a patch or remediation recommendation is available. Some say that DevOps can by its very nature make software less secure. That’s because DevOps teams work with
