Checkmarx Launches Infrastructure as Code Scanning Solution to Secure Cloud-Native Applications: KICS

Checkmarx Blog

Why State and Local Governments Need Application Security Testing

For state governments, local governments, and education agencies (a cohort often referred to as the SLED sector), there has perhaps never been a more difficult time to develop and deploy software than the present. Due partly (but not solely) to the pandemic, SLED organizations face an unprecedented set of challenges related to software. To meet

Read More ›

Why Developers Use Open Source in Their Projects – and How to Manage the Risks

If you’re a developer, incorporating open source code into your project is like ordering a meal kit instead of cooking from scratch. It saves you some time and effort. But it also reduces your level of control over the final product, and it could lead to issues that you don’t foresee. That’s not to say

Read More ›

Open Source Is Everywhere – Even Your Codebase

In his 2011 article for The Wall Street Journal, Marc Andreessen wrote that “software is eating the world.” This, he explained, is because of the amazing pace of innovation in the tech industry, which is due in no small part to the open source movement. Open source has grown up alongside the rest of the

Read More ›

What Developers Need From Secure Coding Training

Developers are eager for knowledge, especially when it comes to learning how to write secure-by-design code. However, they lack the necessary skills to perform this job properly, as quite often hackers have the advantage of time. Security training is generally a low priority operation even though Developers and DevOps are expected to be fully compliant

Read More ›

Developer Training in the Context of Regulatory Compliance

Many regulatory frameworks require developers to be educated about security. The most recent version of the PCI DSS standard, for example, which was last updated in May 2018, mentions the words “train” or “training” 38 times. But the question for businesses is: how do you actually train developers to write and deploy secure code? That’s

Read More ›

Jump to Category