Posts by Amit Ashbel:


Everybody needs security aware neighbours

Jul 07, 2015 By Amit Ashbel | YIT (Yedioth Information Technologies) is a leading IT company and software house, specializing in internet and mobile solutions. Established 15 years ago as the IT arm of Yedioth Aharonoth Group to supply technology solutions to the entire Group, YIT's extensive experience drove its expansion to deliver the same expertise to various market-leading customers.


Android Application Security Sucks! Here’s what to do about it

May 26, 2015 By Amit Ashbel | Brought to you by Appsec Labs and Checkmarx. Android Platform Security Essentials Android…. It is no longer just a mobile phone. Nowadays Android applications are running anywhere and everywhere: home appliances, watches, TVs, car applications. With the Internet of Things kicking in quickly, Android applications will probably become even more prevalent in our lives.


Inflight Security is more than just a life vest

May 19, 2015 By Amit Ashbel | Are you afraid of flying? The following information won’t make you feel any safer. Inflight Entertainment systems (IFE) have evolved significantly over the years. Nowadays you can actually connect via your own mobile device to the IFE system and watch TV series, movies or just listen to music and see the flight status. Sounds good, right? Well, yes and no. We all agree that flights should include some kind of entertainment to “survive” these hours of boredom on the flying metal box. However, should airlines risk flight security for the latest box office blockbuster?


Starbucks Application Breach #2

May 14, 2015 By Amit Ashbel | What was stolen?
A new attack on the Starbucks Mobile Payment Application was launched. Criminals have been breaking into individual customer rewards accounts and transferring funds to other accounts.
How was the attack executed?


19 Points of AppSec Wisdom from RSA 2015

Apr 30, 2015 By Amit Ashbel | So, we are back from RSAC 2015! Our heads are full of new information, our sales teams are loaded with new connections to follow up with, and our bags are full of useless giveaways :). Other than achieving absolute culinary success with some quite impressive restaurants and enjoying an impressive Faith No More concert at the San Francisco Warfield, we also did some work. As usual it was an interesting and fruitful RSA Conference. Concentrating on Application Security, which had its own dedicated track, we decided to summarize a few of the more interesting talks. Among those, our own one and only, Maty Siman.


What’s Holding You Back from Securing Your Code?

Feb 25, 2015 By Amit Ashbel | Organizations today are aware of security risks they can be exposed to as a result of bad or wrong code practice. However, while awareness is the first step, being able to act is a whole other ballgame.
After witnessing more and more companies being hit by attacks based on well-known vulnerabilities, we sought to understand what’s holding organizations back when it comes to implementing secure coding practices.
Checkmarx gathered a slew of professionals from organizations around the globe in the same room and asked them one simple question: “What is holding you back from ensuring your Application code is secure?”
