Posts by Paul Curran:

Managing Open Source Security – Interview with Rami Sass

Oct 10, 2016 By Paul Curran | The second in our series of 2016 National Cyber Security Awareness Month (NCSAM) interviews is with Rami Sass, co-founder and CEO at WhiteSource, the solution that helps engineering executives all over the world to effortlessly manage the use of open source components in their software.

AppSec 2016 Playbook: A Beginner’s Guide to Secure Development

Oct 05, 2016 By Paul Curran | As a part of our ongoing initiative to help “Developers Vote Security” for 2016’s National Cyber Security Awareness Month, Checkmarx has published our Application Security Guide for Beginners as a detailed and concise resource that covers the key concepts and top keywords in the field of application security. From what is needed to create a secure software development lifecycle (SDLC) to the top threats facing applications and their consequences, this quick playbook covers it all when it comes to secure coding practices. This guide to secure development is divided into four categories: Code Development Methodologies, Code, Application Security Solutions and Common threats and their impacts.

How to Accelerate Application Security: Interview with Dan Cornell, Denim Group CTO

2016 Cybersecurity Awareness Month: How to Accelerate Application Security – Interview with Dan Cornell

Sep 29, 2016 By Paul Curran | This October 2016, Checkmarx is celebrating National Cybersecurity Awareness Month (NCSAM) with content focused on educating and empowering developers about secure coding practices under the slogan “Developers Vote Security.” As more and more organizations across all verticals speed up their development and adopt DevOps, the responsibility of security is increasingly falling into the hands of the developers during the development stages of the SDLC as the windows for security testing in the later stages continue to shrink.

Securing the Online Financial Sector with Source Code Analysis

Sep 21, 2016 By Paul Curran | The financial sector is under constant attack by cyber criminals. In fact, banks are attacked four times more than other industries. Large bank hacks and exploits continually made headlines over 2015 and that trend continues as we progress into Q4 of 2016. What are the major cyber threats facing organizations in the financial and banking sectors, what steps can these organizations take in order to secure their code and what role can source code analysis play in securing banking applications against attackers?

Is Your Site Secure? CMS Security Tips from a Canadian Forum Hack

Sep 19, 2016 By Paul Curran | In June 2016, news of a massive hack on the Canada-based forum hosting company VerticalScope spread swiftly around various security blogs and tech news websites. In this attack, hackers were able to steal and leak 45 million records from over 1,000 forums and websites that were included in the VerticalScope network. Among its biggest websites were Motorcycle.com, Boat.com, Mothering.com and more. Read on to find out how the attackers were able to gain access to their database and content management system (CMS) and discover how you can keep your CMS secure.

ABC’s of Salesforce’s Apex Coding Language [Infographic]

Sep 14, 2016 By Paul Curran | With Salesforce’s giant annual conference, Dreamforce, fast approaching in early October, now’s the time to brush up on their proprietary programming language, Apex. As a strongly typed, object-oriented programming language, Apex allows developers to execute flow and transaction control statements on the Force.com platform server while performing calls to the Force.com API.

August 2016 Hacks: 8 of the Largest Hacks, Breaches and Cyber Incidents

Sep 11, 2016 By Paul Curran | Summer 2016 has been a hot one for hackers, and August continued the trend of persistent attacks and breaches seen in June and July. This August, American institutions across all levels were hit particularly hard as the Democratic Party was hacked again by Guccifer 2.0, the National Security Agency had one of their sophisticated cyber weapons stolen and put up for auction and the FBI warned that the Board of Elections in two separate states had been targeted by possibly foreign hackers. August 2016 hacks were unusual, such as the release of patients’ urology information in Ohio, and alarming, as seen in the theft of over $80 million from the Bangladesh Bank over the long weekend. Read on to discover more of the cyber threats that targeted governments, citizens and financial institutions around the world in August 2016.

2016 US Election Hacks in Arizona and Illinois Brief [INFOGRAPHIC]

Sep 08, 2016 By Paul Curran | In late August 2016, news broke that the FBI was investigating two hacks against the Board of Elections in Illinois and Arizona. With the fervor of the 2016 US elections reaching a tipping point as November nears, the possibility of a hack has raised serious concerns among both voters and voting officials, especially as the electoral system becomes increasingly reliant on technology. While the numbers affected by these hacks are significantly smaller than other major hacks and breaches in 2016, the fact that there could be foreign meddling in either the elections process or voter data is a serious cause for alarm. Read our infographic to find out more about these 2016 US election hacks, the victims and the perpetrators.

Cyber Security Today: Career Paths, Salaries and In-Demand Job Titles

Aug 30, 2016 By Paul Curran | The constantly evolving threats from both hackers and state-sponsored actors, along with the expanding attack surfaces seen in the widespread adoption of IoT (Internet of Things) devices, have led to a huge shortage of labor in the cyber security field. “The demand for the (cybersecurity) workforce is expected to rise to 6 million (globally) by 2019, with a projected shortfall of 1.5 million,” noted Symantec CEO Michael Brown. Now is the perfect time to be exploring options in cyber security careers. According to Steve Morgan, Editor-In-Chief of the Cybersecurity Market Report, the demand for cybersecurity will result in over a million job openings in 2016 alone as the growing cyber security market continues to soar with a projected growth from $75 billion in 2015 to $170 billion by 2020.
