Checkmarx Acquires Custodela to Bring Enhanced Automation to DevSecOps Programs!

2016 US Election Hacks in Arizona and Illinois Brief [INFOGRAPHIC]

2016 us election hacks

In late August 2016, news broke that the FBI was investigating two hacks against the Board of Elections in Illinois and Arizona. With the fervor of the 2016 US elections reaching a tipping point as November nears, the possibility of a hack has raised serious concerns by both voters and voting officials especially as the

Read More ›

Introduction to the AppSec Knowledgebase

Week after week, an increasing number of corporations and governments become the victims of cybercrime. These exploitations lead to losses of revenue and reputation which can are often impossible to recover for the affected organizations. The best defense in the fight against cybercrime is ensuring that your code in free of the vulnerabilities that can

Read More ›

The Game of Hacks

The Game of Hacks development was directed jointly by Checkmarx CTO Maty Siman and Asaph Schulman, VP of marketing. It’s based on the 2013 OWASP Top-10, one of the most comprehensive vulnerability references available today. In a nutshell, this is an interactive solution to promote secure coding practices and AppSec awareness amongst developers. Besides offering the obvious

Read More ›

Top AppSec Gurus on Twitter

Staying on top of the latest developments and innovation in application security is key. The following list of thought leaders is an excellent source of information that will help you implement a successful application security program.   Troy Hunt @TroyHunt Sydney-based software architect, web security specialist and Microsoft MVP 4 years running. Dan Cornell @danielcornell

Read More ›

OpenSAMM

The Software Assurance Maturity Model (SAMM) is an open framework to help organizations devise and implement an application security strategy that is tailored to its specific needs and requirements. The resources provided by this model allows the evaluation of the organization’s existing security practices, before helping it to build a balanced application security program with

Read More ›

BSIMM

Build Security in Maturity Model (BSIMM) is a software security measurement framework that helps organizations gauge their software security and build a maturity model based on actual data gathered from real-world software security initiatives. What is inside the BSIMM? It describes 112 activities that have been organized in 12 different practices according to a software

Read More ›

MISRA/MISRA C

MISRA C is a dedicated software development standard for the C programming language developed by MISRA. Its aims are to facilitate code safety, portability and reliability in the context of embedded systems, specifically those systems programmed in ISO C. There is also a set of guidelines for MISRA C++ programming language.   Additional Reading: Motor

Read More ›

HIPAA

HIPAA defines how electronic (online) healthcare and administrative transactions should be executed by companies providing health plans and other health care provisions. This American legislation was signed by Bill Clinton in 1996 and has five main sections that cover the various aspects that need to be taken into consideration for full compliance.   Additional Reading:

Read More ›