Posts by Administrator:

Cybercrime is on the rise!

Feb 21, 2013 By Administrator | Experts report that in 2012, 1.5 million users were affected by cybercrime daily…this is 18 people affected each second! The end user may take precautions to protect themselves and decrease the threat of cybercrime, but this is a small scale 1:1 scenario and only solves part of the problem. The fact remains clear and simple: the best way to fight cybercrime on a large scale is through precautionary measures from the developer. Quality coding practices and certification benchmarking save thousands of users from cyber security risks; they have a massive impact on the war against cybercrime.

[WEBINAR] – 10 Steps to agile development without compromising security

Jan 23, 2013 By Administrator | Checkmarx is excited to announce our next webinar session – 10 Steps to agile development without compromising security. The webinar focuses on a topic that is gaining a lot of traction within the developer community – securing an agile development environment and in particular continuous integration and continuous deployment. Integrating security into these rapid-paced environments requires a mind-shift from the traditional SDLC measures we’ve all grown to use. Many organizations are now struggling to add security into these new processes but are not sure how, or what the best practices are. We can all benefit from the experience of those who have already adopted and secured these processes.

The Value of Secure Coding Procedures by Don Eijndhoven

Jan 08, 2013 By Administrator | An interesting post by Don Eijndhoven, CEO of Argent Consulting
I recently had a very interesting conversation with Dave Hyman, VP SaaS at Checkmarx, who asked me how I saw the future of cyber security (or information security, take your pick). Now, as I’m sure you’ll agree with me, that’s a fairly abstract question that can go a lot of ways. My friends will confirm that I enjoy waxing philosophical discussions like that, but given what Checkmarx does with a Cloud based solution for code security, that is the direction this talk went. And there really is a lot to say about secure coding practices that I feel isn’t quite getting the limelight it deserves. Any Information Security course or lesson in Security certification will stress that security should be part of the code design practice rather than being tacked on at a later stage; I couldn’t agree more. Unfortunately, security precautions made in the coding process, which turns a design into a working product, are often overlooked and that is a mistake.

Dinis Cruz – Would I recommend Checkmarx as a SAST engine?

Dec 03, 2012 By Administrator | Dinis Cruz, of TeamMentor, recently wrote an interesting blog post about his experience of using Checkmarx’s source code analysis engine (SAST), after being asked twice in the last week whether he would recommend using Checkmarx’s SAST engine. It’s important to note that Dinis wrote this blog post with no involvement / endorsement of any kind from Checkmarx. The post represents Dinis’ personal views of the SAST marketplace.

Checkmarx Wins Award at OWASP Infosec India 2012

Sep 23, 2012 By Administrator | After a highly successful event at OWASP Infosec India last month, we would like to share with you some photos from the event and thank everyone who made the event a success. Thank you to all the visitors who attended our booth and discussed their source code analysis requirements with us.
To continue the dialog or request more information, please contact us. Alternatively you can sign up to start a FREE trial.

Analysis of Drupal Security Vulnerabilities

Aug 16, 2012 By Administrator | Drupal is a free and open-source content management system (CMS) and content management framework (CMF) written in PHP and distributed under the GNU General Public License. It is used as a back-end system for at least 2.1% of all websites worldwide ranging from personal blogs to corporate, political, and government sites including whitehouse.gov and data.gov.uk. It is also used for knowledge management and business collaboration.

What’s HOT in Application Security Vol #20

Jul 16, 2012 By Administrator | Yahoo left red-faced after SQL injection vulnerability reveals nearly half a million passwords!
A hacking group calling itself ‘DD3Ds Company’ has, within the last few days, leaked 453,492 text passwords for Yahoo accounts. DD3Ds Company now claims that it attained the passwords by means of SQL injection against a poorly secured Yahoo subdomain. Security experts have named it as Yahoo Voices.

What’s HOT in Application Security Vol #19

Jul 09, 2012 By Administrator | Cyber Attacks on ATM and online banking are at an all time high
Cyber attacks aimed at online banking applications are at an all time high, according to several security experts. Unsurprisingly, almost one third of all attacks were aimed at banks which reside in the Gulf, where the banks are swelling with oil money and where small amounts of money missing from accounts are likely to go unnoticed.

What’s HOT in Application Security Vol #18

Jul 02, 2012 By Administrator | What are the Top Flaws in Web Applications?
When it comes to security, web applications are consistently the most vulnerable to penetration. Here are some of the top flaws in web applications:
