Checkmarx has now released an update that scans your application source code for the Heartbleed-vulnerable library code.
By the time it was exposed, the Heartbleed vulnerability had affected almost half a million secure web servers certified by trusted authorities. The bad news is that the problem still exists: more than 2% of the websites in the Alexa world top 1,000,000 are still susceptible to attack.
“Heartbleed is a bug in the basic implementation of open-source OpenSSL,” Checkmarx CTO Maty Siman told reporters after the bug was exposed. “Many security problems, like Heartbleed, can be traced to the original code written by programmers — in which they added features without checking the security ramifications.”
We strongly recommend instilling secure coding practices and implementing Source Code Analysis (SCA) testing during the development process to achieve a safe Software Development Life-Cycle (sSDLC).