
Application Security Taking Center Stage for Retailers

The interconnectedness and rapid development of mobile technology are revolutionizing the consumer market. Retailers have fully computerized mechanisms driven by complex applications to bring their products to the mobile market, which has introduced serious security flaws into the ecosystem that can damage customers and financial giants, jeopardizing entire retail chains. Hackers have increasingly exploited these


Swift Vulnerabilities: What the New Language Did Not Fix

Swift is a new language developed by Apple for iOS and OS X development. Introduced at Apple’s developer conference WWDC 2014, the language is designed to eventually replace Objective-C and provide several important benefits, one of which is greater resilience against erroneous code. This research, originally published on Dr. Dobb’s, covers how Swift compares with Objective-C


Ensuring your developers love – or at least don’t hate – security

This post originally appeared on SCMagazine.com. By Maty Siman, Checkmarx Founder & CTO.

When it comes to an organization’s software security, there’s been a chronic disconnect between the developers who write and build the code and the security teams who audit and enforce the code’s security. This divide historically arose from common misunderstandings: programmers believe that


Vulnerability Assessments

Why companies need vulnerability assessments

Vulnerability discoveries are at an all-time high, while many more have not yet been exposed. Security scanning software is a great start, but it’s not enough. Web applications are becoming more complex and the threats are becoming more sophisticated. Scanning software solutions are not very cost-efficient and only look for


Directory Traversal Vulnerability

Directory Traversal Defined

Directory Traversal (DT) is an HTTP exploit that malicious hackers use in order to gain access to account directories and the data contained within. A successful exploit can result in the entire web server being compromised, including access to directories that are used to control access to restricted areas. For example, the
