Application Security Trends

Traditional security is well past its expiration date. Learn about the latest trends in AppSec in these posts, from DevOps to SAST and everything in between.

Your Source for RSA2013 live updates! { }

Feb 21, 2013 By carolineb | Optimize your RSA2013 experience and get live updates from Vendors, Speakers and Press at

Read More »

Valentine’s Day Hilarious Pickup Lines for Geeks

Feb 14, 2013 By carolineb | We couldn’t ignore these hilarious, geeky pickup lines we saw on
Happy Valentine’s day, Enjoy!

Read More »

Security Corporations are going Bug- hunting

Feb 12, 2013 By carolineb | Security Corporations are going Bug- hunting
An article published by John Leyden on MITRE Corp, the organization which sets the industry standards for classifying security vulnerabilities goes one step further in security. The corporation is now considering the multiplication of Common Vulnerabilities and Exposures (CVE) in order to enhance the quality of bug reports in terms of security. Currently supporting up to 9,999 vulnerabilities, MITRE will be multiplying this digit by one hundred, extending this range up to 999,999!

Read More »

What’s HOT in Application Security Vol #40

Jan 14, 2013 By asaphs | Shape Security: Getting Down to the Root of Hacking
When treating an illness, it is generally more effective to treat the source of the problem rather than the symptoms. Shape Security is trying to do the same in the field of website security. While all other products are geared towards a faster, cheaper, and better way of preventing and stopping attackers, Sumit Agarwal, co-founder and vice president of Shape claims that they are “striking at the core mechanics of how those things work and making them harder to do in the future” by focusing on cutting edge attackers and crimeware ecosystem. Basically, it won’t be “offensive security” but defensive security, making it harder and more costly to do any damage.

Read More »

How Collective Wisdom Enhances Application Security

Jan 14, 2013 By carolineb | One of the biggest challenges in today’s Application Security is how to map and overcome unexpected hacks as a result of lack of coverage in addition to well-defined hacks. How do we overcome this matter and improve the ability to fix our source code? The Checkmarx R&D team has initiated an unconventional and creative way to solve this trouble. At the OWASP APAC 2013, we will present our research methodology and findings. In particular, we will show how to:

Read More »

Salesforce Enhanced Security with Checkmarx Solution

Dec 27, 2012 By carolineb |   We simply love making things simple!
So here are some video screencasts introducing our Checkmarx new Salesforce online code scanner. Presenting our solution is Abhinav Gupta, Salesforce and Cloud Solution Architect- go to article and videos.  

Read More »

Three compelling reasons to check your mobile app source code- by Kevin Beaver, CISSP

Dec 25, 2012 By carolineb | Three compelling reasons to check your mobile app source code I’m going to put it to you straight: source code analysis is amazingly simple. Unlike penetration testing and complementary security checks, source code analysis has evolved into a literal point-and-click exercise. The hardest part is getting the source code analyzer software installed. Even that’s a non-issue with cloud-based source code analysis services.

Read More »

Checkmarx is now an Eclipse Member!

Dec 24, 2012 By carolineb | We are glad to announce that Checkmarx is now an Eclipse member!
We support the Eclipse community and offer adapted tools for the Eclipse developers. The Eclipse community was founded in order to enable commercially- friendly open source software for organizations and individuals, focusing on providing an open development technology, comprised of advanced frameworks and tools.

Read More »

[Japan 2012] Summary of CxSuite Seminar for Managers

Dec 19, 2012 By carolineb | Following the CxSuite Seminar for Managers which took place last month in Japan, here’s a summary (in Japanese) of  “Exterminating the root cause of vulnerabilities”, by Maty Siman, Founder and CTO at Checkmarx. Go to summary  

Read More »

Wishing you a Season’s Greeting and a Happy New Year!

Dec 18, 2012 By carolineb | [slideshare id=15656023&doc=happynewyear-121216025521-phpapp01]
For the first time ever, Checkmarx conducted a comprehensive survey of security professionals,
their peers and family to see exactly how this profession is perceived… View full screen & Enjoy!
Download poster:
Happy New Year!

Read More »

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Get a Checkmarx Free Demo Now

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.