Posts by Arden Rubens:

Top Women in Cybersecurity You Should be Following on Twitter

Mar 07, 2017 By Arden Rubens | Since the beginning of information security, the representation of women in cybersecurity has been (and still is) small. So small that women make up only 11% of the information security workforce. But with such a tiny representation in the industry comes a big opportunity.

There is 1 million open jobs in #cybersecurity right now, and not enough women to join the field – @devsecops #RSAC
— RSA Conference (@RSAConference) February 14, 2017

For the cybersecurity world, Twitter is a continuous stream of content with various influencers tweeting the latest insights on a daily basis. And some of the most influential and trailblazing women in the industry have been using the platform to keep you in the know.

February 2017: Top Hacks and Breaches [INFOGRAPHIC]

Mar 05, 2017 By Arden Rubens |
February may be the shortest month, but there definitely was no shortage of hacks and breaches. The month started with an anonymous hacker single-handedly taking down an entire dark web hosting service with more than 10K Tor-based .onion sites. Then, on February 10th, a security flaw found in WordPress allowed hackers to attack and deface an estimated 1.5M pages. Later on in February, hackers (masked as “Pro_Mast3r”) defaced one of the Trump Administration’s official fundraising websites in a subdomain takeover. On February 28th, data from connected CloudPets teddy bears was leaked after the database was found unsecured. Over 800K users were found in the database, which also contained recorded kids’ voice messages.

Key Takeaways from Ponemon’s 2017 Study on Mobile and Internet of Things Application Security

Mar 01, 2017 By Arden Rubens | Today, organizations are developing and releasing mobile and Internet of Things (IoT) devices and apps at a rapid speed. According to recent research, it is estimated that around 50B IoT devices will be connected to the Internet by 2020, while 2017 started with a record 2.2M downloadable apps in the App Store. Every year, Ponemon Institute releases a study on Mobile and Internet of Things Application Security focusing on understanding how organizations are lowering the risks in mobile and IoT apps in the workplace. Based on this study, while the worry and understanding of mobile and IoT application security threats is increasing, there is a severe lack of urgency in addressing issues, and proper application security testing is occurring during later stages in an app’s SDLC. Continue reading for a full list of key takeaways from Ponemon’s 2017 Study on Mobile and Internet of Things Application Security.

DevOps and Security Experts You Should Be Following on Twitter in 2017

Feb 23, 2017 By Arden Rubens | Twitter is an amazing wealth of ideas, opinions, and other resources. But with well over 300M users active on a monthly basis, Twitter can also be hard to navigate. There are so many people to follow and so little time to find the right ones.   When it comes to DevOps and Security, there are lots of great thinkers on the front lines of the union – and luckily for us, many are on Twitter. Whether you’re just starting out or are looking for new ways to integrate security within DevOps (and vice versa), Twitter is a great place to seek out info and be a part of the discussions.  

3 Need-to-Know Security Terms for 2017: DevOps, “Shifting Left” and Ransomware

Feb 15, 2017 By Arden Rubens | As organizations of all sizes and verticals prepare for whatever malicious cyber criminals have in store for them in the upcoming fiscal quarters, we wanted to focus on three need-to-know terms that all security professionals should be aware of, and familiar with, in 2017. Today, organizations need to increase the speed and quantity of their releases, thus leading to an industry shift from waterfall to agile software development. Out of this shift in methodology, DevOps was born.

Cyber Threats Facing APAC – Applications

Feb 13, 2017 By Arden Rubens | New and improved fast-paced technologies are offering us exciting ways to live, are helping us at work, and continue pushing the boundaries of innovation and efficiency. However, along with all of the good comes the bad – the raised risk and exposure to security threats. In part one and part two of our three-part series on cyber threats facing the Asia Pacific (APAC) region, we established that APAC has the worst record in terms of cyber security, with its countries some of the most vulnerable in the world and the discovery of breaches taking over three times longer than the global average.

January 2017: Top Hacks and Breaches [INFOGRAPHIC]

Feb 08, 2017 By Arden Rubens | The new year started with a whole new collection of hacks and security breaches. On the 4th of January, the known hacker CyberZeist claimed to have hacked the FBI’s website and proved it by leaking personal account information of several FBI agents. The hack was carried out by exploiting a zero-day vulnerability in the Plone CMS, according to a report by Hacker News. Plone has since denied that there was a zero-day vulnerability, yet released a security update on the 17th of January to “patch various vulnerabilities”.

8 Chrome Extensions Every Security Pro Needs

Jan 25, 2017 By Arden Rubens | Google Chrome is the most popular web browser, and it comes with a large library of Chrome extensions with the aim of helping you customize your browsing experience. And with so many options, it can be hard to find the extensions which are right for you. Therefore, we put together this list featuring the top Chrome extensions every security professional needs.

The Season of Retail Hacks

Jan 15, 2017 By Arden Rubens | Vera Bradley, a fashion retail brand, is one of the many recent cybercrime victims. This luggage and handbag design company revealed that earlier this year, payment systems at multiple locations were hacked, and that an unknown number of personal payment cards used by customers may have been compromised. With this hack, Vera Bradley joined the large group of retail companies targeted and then successfully attacked by hackers. The group of victim companies includes many heavy hitters such as Target, Home Depot, and Neiman Marcus.