Application Security Trends

Traditional security is well past its expiration date. Learn about the latest trends in AppSec in these posts, from DevOps to SAST and everything in between.

Security of WordPress’ Top Plugins

Jun 18, 2013 By matys | Today we published our report “The Security State of WordPress’ Top 50 Plugins” (no reg required).
This report presents Checkmarx’s research, which analyzed the security of the top 50 most popular plugins (in general), as well as the top 10 most popular ecommerce plugins.

[2013] Summarizing the Gartner Security and Risk Management Summit

Jun 17, 2013 By carolineb | This week I had the pleasure to join the Gartner Security and Risk Management Summit in Washington DC. It was an event filled with insight and direction covering a large range of cyber security issues which challenge industry leaders and executives alike.

Summarizing a great Checkmarx Customer Event in Israel

Jun 17, 2013 By carolineb |
We are glad to summarize a successful Checkmarx Customer event! The event took place on June 16th, 2013 at the Crowne Plaza Beach hotel in Tel Aviv, Israel.
The event was characterized by a vibrant and dynamic atmosphere, with interesting knowledge exchange and new bonds and networks. It was all about Application Security, while our guests discussed security challenges in their organizations and how they deal with them on an ongoing basis.
We hosted security decision makers from Playtech, LivePerson, Conduit, Mediamind and TGS, and our Checkmarx Founder and CTO, Maty Siman, spoke about Application Security trends and roadmap.

What Apple and Google are not Telling you About Mobile Device Security (infographic)

Jun 11, 2013 By carolineb |

Have you ever been scared of… charging your iPhone?! Think twice.

Jun 06, 2013 By carolineb | A way to hack into an iPhone only through charging the phone! Georgia Institute of Technology researchers figured out how to attack an iPhone with malicious software through a charging cord.
The proof of concept will be presented by the institute at Black Hat USA 2013, giving you another good reason to come to the conference (and visit the Checkmarx booth).

The AppSec How-To: Choosing a SAST Tool

Jun 04, 2013 By carolineb | Given the wide range of source code analysis tools, security professionals, auditors and developers alike are faced with a question:
How to assess a Static Analysis Software Testing (SAST) tool for deployment? Choosing the right tool requires different considerations during each stage of the SAST tool evaluation process.

Summarizing a great month of May

May 28, 2013 By carolineb | We are glad to summarize a great month of events!
Starting at Infosec Israel, continuing to the Paris Forum “Matchmaking in the Cloud” and concluding our monthly activities at AusCERT, Australia, we’d love to share our insights.

Hacktivists publish personal details of South African citizens to “embarrass the authorities”.

May 27, 2013 By carolineb | More than 15,000 South African citizens fell victim to the hacking attack on the SAPS (South African Police Service) website, where all personal information of those who reported crimes was stored.
Citizens’ personal and confidential details were exposed on the net, usernames and passwords of the local Police Services personnel were leaked and, not least… it’s not something South African authorities can be proud of.

Learn more about security – new WebGoat movies

May 20, 2013 By carolineb | OWASP publishes a list of new WebGoat movies to teach web application security concepts.
WebGoat is an application that enables developers to practice secure programming by demonstrating vulnerability examples and ways to fix them.

If you wanna hack- hack, don’t shoot

May 13, 2013 By carolineb | The biggest bank robbery in history: no guns, no masks and no threats.
A gang of cyber criminals managed to hack into prepaid credit databases (ATM) and steal $45 million. This might be registered as the biggest bank robbery in history. US Bank Muscat has been a victim of this cyber attack with a total loss of $40 million. World-wide law enforcement agencies have been investigating this case, arresting numerous suspects.
