Posts by Paul Curran:

The Future of Cyber Security – Part 1: IOT Security

Aug 25, 2016 By Paul Curran | “One of the unique aspects of IoT (Internet of Things) is that it’s bringing cybersecurity into the physical realm.” Intel Security Group Senior VP Chris Young. For those that didn’t live through the fear mongering surrounding the anticipated disasters stemming from Y2K, cyber security hasn’t been something that has made a major impact on the average person’s life.

Federal Forecast: Cyber Security in 2017

Aug 21, 2016 By Paul Curran | As America still reels from the damage created after the giant Office of Personnel Management (OPM) hack, it’s time to wonder what 2017 has in store for American federal cyber security. It’s not even over yet, and 2016 has been a big year not only for major breaches targeting federal agencies, but also for some big strides forward in the way that America’s treating the future of cyber security.  

All About Encryption: Security, News and a Brief History

Aug 18, 2016 By Paul Curran | WhatsApp recently made global headlines with the news that all forms of communication sent through the app feature end-to-end encryption. This additional layer of security meant that all messages and files would be secured from falling into the wrong hands, but what is needed to properly encrypt data and what happens when sensitive data is not properly encrypted?

Major Hacks and Breaches for July 2016 [INFOGRAPHIC]

Aug 16, 2016 By Paul Curran | Summer 2016 continues to heat up with hacks, breaches and discoveries of major vulnerabilities. From automotive to the internet of things (IoT) and from Vietnamese airports to Taiwanese ATMs, July was a big month for cyber security news. Both Fiat Chrysler and BMW feature in this month’s infographic, although for different reasons: Fiat Chrysler took the preventative step of launching a bug bounty program for its website and mobile applications, while two serious vulnerabilities were discovered in BMW’s web portal.

Hybrid versus Native Mobile App Development: Methodologies, Risks and Tools

Aug 10, 2016 By Paul Curran | As our focus changes from content on the web to content on mobile, our mobile devices play an increasingly vital role in the way we communicate, consume content, conduct business and more. For organizations and businesses in every vertical, mobile applications are no longer an option, but a requirement in order to stay ahead of the curve and relevant with their customers. Read on to learn about hybrid versus native mobile development when it comes to methodologies, risks and tools.

The Need for HIPAA Compliance in the Crowded Mobile Health Space

Aug 08, 2016 By Paul Curran | As the mHealth (mobile health) vertical continues to expand from healthcare apps to fitness trackers, and from doctor appointment scheduling helpers to peer support communities, the control and privacy that end users have over their personal health records are being increasingly jeopardized. New applications and digital health resources keep emerging, which makes it unclear whether or not the sensitive data stored within will be secured and covered under the Health Insurance Portability and Accountability Act (HIPAA).

PCI Compliance for Version 3.2: FAQs and To-do’s

Aug 03, 2016 By Paul Curran | As families all across America dress up and trickle into the streets for trick-or-treating on October 31st, 2016, there is one more ghost that will be vanishing into the chilly, autumn air at midnight: PCI DSS version 3.1.
Since the introduction of PCI DSS 3.2 in April 2016, organizations have been working hard to ensure that they’re compliant with these new standards put forth by the Payment Card Industry Security Standards Council (PCI SSC). What threats to the payment card industry prompted this incremental update and what new protections will version 3.2 contain?

The Only Way to Build Effective and Secure JavaScript Applications

Jul 20, 2016 By Paul Curran | JavaScript is everywhere. It runs on your smartphone, personal computer and even on your server. That much power comes with a lot of responsibility. Keeping JavaScript code clean and secure is the only responsible way to write JavaScript.
Given the vast proliferation of JavaScript, there is a myriad of ways to write poor code as everyday hackers target popular languages and come up with innovative exploits. This leaves an interpreted language such as JavaScript vulnerable unless you take the proper defensive measures.
Let’s examine the ways you can write clean and secure JavaScript.

The Biggest Breaches and Hacks of June 2016 Infographic

Jul 07, 2016 By Paul Curran | Each month, we hear about a whole new cascade of security breaches that bring to mind the saying that the definition of insanity is doing the same thing over and over and expecting different results. June was no different. Starting the month off was a massive MySpace hack that could end up being the biggest breach of all time with over 360 million usernames and passwords stolen. Mid-month we learned of a possible Wendy’s POS breach and of a rogue T-Mobile employee trying to pilfer customer data on the dark web. And just last week, the Quora account of Google CEO Sundar Pichai was hacked.
