Cube

Checkmarx Heartbleed Vaccination Now Available

Apr 29, 2014 By Sharon Solomon

Checkmarx has now released an update that scans your application source code for the Heartbleed-vulnerable library code. 

The Heartbleed vulnerability had affected almost half a million secure web servers, certified by trusted authorities, by the time it was exposed. The bad news is that the problem still exists. More than 2% of the Alexa world top 1,000,000 websites are still susceptible to attack.

<All You Wanted to Know About the Heartbleed Vulnerability>

“Heartbleed is a bug in the basic implementation of open-source OpenSSL,” Checkmarx CTO Maty Siman told reporters after the bug was exposed. “Many security problems, like Heartbleed, can be traced to the original code written by programmers — in which they added features without checking the security ramifications.”

We strongly recommend the instilling of secure coding practices and the implementation of Source Code Analysis (SCA) testing during the development process for achieving a safe Software Development Life-Cycle (sSDLC).

The following two tabs change content below.

Sharon Solomon

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Get a Checkmarx Free Demo Now

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.