Application Security Trends

Traditional security is well past its expiration date. Learn about the latest trends in AppSec in these posts, from DevOps to SAST and everything in between.

Smart Cities: Can My City be Hacked?

Dec 11, 2017 By Sarah Vonnegut | Our connected devices make life easier for us as individuals, and the conveniences afforded to us by connecting technology to the physical world around us are compounded when we expand the reach from individuals to a greater population: entire cities. While cities have been adapting new technologies that connect the physical world to the digital world for decades, the rate at which they do so is reaching new heights, and the technologies themselves are far more advanced. These technologies, and the greater amount of connectivity they allow for, are opening cities up for the greater good… as well as the greater evil.


A Closer Look: OWASP Top 10 2017 – Application Security Risks

Dec 03, 2017 By Arden Rubens | The Open Web Application Security Project (OWASP) is an organization filled with security experts from around the world who provide information about applications and the risks posed, in the most direct, neutral, and practical way. Since 2003, OWASP has been releasing the OWASP Top 10 list every three to four years. The list consists of the biggest Application Security Risks according to OWASP.


November 2017: Top Hacks and Breaches [INFOGRAPHIC]

Dec 01, 2017 By Arden Rubens | Recent research confirms that a third of the internet is under attack, with millions of network addresses subjected to DDoS attacks over a two-year period (source). And as I write these monthly hacks and breaches reviews, this statement comes as no surprise. Just because it’s officially the holiday season, it doesn’t mean that hackers will be slowing down. Here’s a roundup of some of November’s notable hacks and breaches.


INFOGRAPHIC: OWASP Top 10 Application Security Risks

Nov 30, 2017 By Arden Rubens | The OWASP Top 10 Application Security Risks 2017 (PDF) is out. The list takes a good look at the most critical application security risks facing organizations and developers today, with the big goal of raising awareness, upping the knowledge, and helping security teams and developers release secure applications. 


A Simple Coding Error Put Millions of Smartphone Users at Risk: What You Need to Know

Nov 15, 2017 By Arden Rubens | As many as 180 million smartphone users are at risk of having texts and calls hijacked by hackers, all due to a simple coding error in at least 685 different mobile apps. A warning was released by the cybersecurity firm Appthority late last week. According to Appthority, the vulnerability (known as Eavesdropper) could let hackers inside an app access confidential knowledge, without the user knowing.


October 2017: Top Hacks and Breaches [INFOGRAPHIC]

Nov 02, 2017 By Arden Rubens | Another month, another absurd amount of data breached. The start of October saw an update in one of the most notorious data breaches of all time: Yahoo said in a statement that all 3 billion of its accounts were hacked in a data breach which occurred in 2013. This tripled the original number of accounts thought to be breached, which already holds the record of data breached.


South Africa’s Biggest Data Breach: What You Need To Know

Oct 23, 2017 By Arden Rubens | A trove of data containing the personal information of more than 60 million South African citizens has been breached in the biggest data breach to hit South Africa. The breach was discovered by security researcher and creator of Have I Been Pwned, Troy Hunt.  


Continuous Security Testing for Microservices

Oct 18, 2017 By Dafna Zahger | Being a part of today’s tech industry, you probably notice all winds blowing towards the implementation of DevOps and CI/CD methodologies, and rightfully so. Today’s software developers face an ever-growing need for speedy development-to-production cycles with uncompromising security and reliability. One way of facing the speed versus quality challenge is the introduction of microservices.


3 Ways to Prevent XSS

Oct 09, 2017 By Sarah Vonnegut | When we discuss vulnerabilities in applications, there are different categories that we come across. Some vulnerabilities are extremely common yet allow for little or no damage should an attacker discover and exploit them, while others are incredibly rare but can have major, lasting impact on the organizations behind the attacked application. Then, there’s the third category: Common and deadly. Cross-Site Scripting, commonly shortened to XSS, is one of the most common vulnerabilities found in applications, and can cause serious damage given the right time and the right attacker.


Top Mobile Hacks of 2017 [INFOGRAPHIC]

Oct 02, 2017 By Arden Rubens | Happy October! And we all know what that means… Cooler weather, fuzzy sweaters, pumpkin spiced everything, and National Cyber Security Awareness Month (NCSAM). In honor of NCSAM, we’re taking a dive into the world of mobile and will be sharing ways to keep your developers #CyberAware so that you don’t fall victim to some of the threats, hacks, and breaches we’re discussing in this blog post.
