Posts by Arden Rubens:

We’re excited to announce the acquisition of Codebashing!

Jul 25, 2017 By Arden Rubens | We’re excited to announce the acquisition of Codebashing, a leading application security education platform that specializes in delivering interactive secure coding education for developers, aiming to empower developers with bite-sized interactive lessons to understand the principles of application security. For organizations across the globe, reaching and maintaining application security is a major challenge. The increasing number of exploits and vulnerabilities, and the bleak repercussions the affected organizations face, are a constant reminder of how important strong application security is. Yet, in so many cases, the biggest security risk organizations have is the lack of secure coding knowledge.

The ABCs of AppSec Testing: IAST & DAST

Jul 24, 2017 By Arden Rubens | As applications are being hit harder than ever with increasingly sophisticated cyberattacks, organizations are turning to application security testing solutions to keep their applications safe. And as organizations take a peek into the AppSec testing market, they are sure to see many different options. In this blog post we will take a look at two solutions: IAST and DAST.  

An Introduction to IAST

Jul 13, 2017 By Arden Rubens | As organizations modernize and innovate their technologies and flows, traditional Dynamic Application Security Testing (DAST) is being considered a big setback for one big reason: time. With DAST, scanning for vulnerabilities takes time, special skills and maintenance. Therefore, with the rapid pace of CI/CD, it’s becoming more of a challenge to implement DAST. While automation and fast turnarounds are mandatory for a successful application security program in modern development environments, DAST cannot align with these requirements.  

June 2017: Top Hacks and Breaches [INFOGRAPHIC]

Jun 30, 2017 By Arden Rubens | As we dive into June’s biggest hacks and breaches, we begin with OneLogin – a company which allows users to access multiple websites, applications, and services with just a single password. An attacker got hold of highly-sensitive keys for OneLogin’s cloud instance, and was successful in using its front-door key. In a statement released by the company, it was said that the attacker may have “obtained the ability to decrypt some information”.

The ABCs of AppSec Testing: IAST & SAST

Jun 15, 2017 By Arden Rubens | With cybercrime on the rise, application security remains a massive challenge for organizations and governments across the globe. When it comes to the safety of applications, Penetration Testing (Pen Testing) and Dynamic Application Security Testing (DAST) both remain standing as capable solutions, but both come with a fair share of inherited weaknesses which raise significant limitations within today’s development landscape.  

May 2017: Top Hacks and Breaches [INFOGRAPHIC]

Jun 05, 2017 By Arden Rubens | It’s only May, and 2017 is well on its way to setting a new cyberattack record. As new statistics show, there have been over 1,200 reported data breaches and around 4,800 discovered vulnerabilities released in the first quarter of this year. So, while this post may focus on the month of May – and some of the hacks and breaches that came with it, including one of the largest cyberattacks of all time – we should brace ourselves for a wild ride as the year continues.

What You Need To Know: Security Vulnerabilities Found in Major Media Players

May 29, 2017 By Arden Rubens | Major security vulnerabilities in several popular media players – including Kodi, PopcornTime, Stremio, and VLC – have been uncovered in new research released by Check Point. Around 200 million users could potentially be at risk.

Takeaways from the Verizon 2017 Data Breach Investigation Report

May 15, 2017 By Arden Rubens | The annual Verizon Data Breach Investigations Report (DBIR) was released earlier this month to much anticipation, hitting a big milestone with its tenth-anniversary edition. And once again, it’s proving to be one of the most referenced data breach reports in the cyberworld and a must-read for industry leaders and security professionals across the globe. For this year’s DBIR, data was collected from nearly 2,000 confirmed breaches and 42,000 security incidents from 20 different industries, spanning across 84 countries. Verizon security experts analyzed the submitted data and put together an extensive look at today’s cyber-universe.

WannaCry? Ransomware Is Everywhere

May 12, 2017 By Arden Rubens | A malicious software called ‘WanaCryptor’ hit the NHS this past Friday. The ransomware caused hospitals across England and Scotland to cancel operations, delay routine practices and divert ambulances, while patient records were made unavailable as infected computers were on lockdown until ransom was paid. Other high profile targets included FedEx, Germany’s national railway, Telefónica along with many of Spain’s largest companies, and private and personal computers across the world. Once it infects the PC, the software locks up the data and the device, and holds it for ransom.
