In June 2013, Checkmarx’s research labs ran multiple security scans against the source code of the most popular WordPress plugins. The result? More than 20% of the 50 most popular WordPress plugins are vulnerable to common Web attacks, such as SQL Injection. In total, 8 million vulnerable WordPress plugins were downloaded. This report presents the
Today we published our report “The Security State of WordPress’ Top 50 Plugins” (no reg required). This report presents Checkmarx’s research which analyzed the security of the top 50 most popular plugins (in general), as well as the top 10 most popular ecommerce plugins.
This week I had the pleasure to join the Gartner Security and Risk Management Summit in Washington DC. It was an event filled with insight and direction covering a large range of cyber security issues which challenge industry leaders and executives alike.
We are glad to summarize a successful Checkmarx Customer event! The event took place on June 16th, 2013 at the Crowne Plaza Beach hotel in Tel Aviv, Israel. The event was characterized by a vibrant and dynamic atmosphere, with interesting knowledge exchange and new bonds and networks. It was all about Application Security, while our
A way to hack into an iPhone only through charging the phone! Georgia Institute of Technology researchers figured out how to attack an iPhone with malicious software through a charging cord. The proof of concept will be presented by the institute at Black Hat USA 2013, giving you another good reason to come to the conference
Given the wide range of source code analysis tools, security professionals, auditors and developers alike are faced with a question: How to assess a Static Analysis Software Testing (SAST) tool for deployment? Choosing the right tool requires different considerations during each stage of the SAST tool evaluation process.
Given the wide range of Source Code Analysis (SCA) tools available in the market today, security professionals, auditors and developers alike are faced with some difficult questions before picking the right tool for them. The main question is – How to assess a Static Analysis Security Testing (SAST) tool for deployment? Choosing the right tool requires different considerations during each
Mobile application security for Android and iOS is a field which doesn’t always receive the attention it deserves. Software development teams have been scaling up their mobile application development over the last decade as smartphones have become more affordable and mobile bandwidth (and Wi-Fi) access has improved. It has been estimated that nearly 1 billion
Research from the Gartner Group has demonstrated that nearly 75% of successful attacks made against an application are exploiting vulnerabilities which are already well understood, and for which a patch or remediation recommendation is available. Some say that DevOps can by its very nature make software less secure. That’s because DevOps teams work with