Checkmarx Named a Leader in Gartner Magic Quadrant for Application Security Testing

AppSec Tips
& Best Practices

Learn from AppSec success stories and discover tips and best
practices for Developers, CISOs and Security Managers to help
in securing every part of the SDLC.

Power to the Players: 3 Tips for Gamifying Your Cybersecurity Training

It’s no hidden secret that an increased level of training and education is both one of the biggest needs and shortcomings in the cybersecurity industry. Organizations are falling victim to cyberattacks more frequently than ever before and the ramifications are only getting worse. According to IBM Security’s and Ponemon Institute’s 2019 Cost of a Data

Read More ›

The Open Source Cookbook: Prepping Your Kitchen

Over the course of this adventure into the culinary world of software development, we have drawn comparisons between open source software and cookie recipes, and equated open source risks to spoiled ingredients. When cooking, it’s imperative that we prep our kitchen properly, stocking the tools and equipment, getting our timing and steps in order, soliciting

Read More ›

Kotlin Guide: Why We Need Mobile Application Secure Coding Practices

October is the annual National Cybersecurity Awareness Month (NCSAM), which is promoted by the U.S. Department of Homeland Security and the National Initiative for Cybersecurity Careers and Studies (NICCS). According to the NICCS, “Held every October, NCSAM is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to

Read More ›

Becoming Optimus Prime Within Your AppSec Initiatives

When I was a child, I didn’t dream of becoming a legendary football player or a rock star. My dream was to become a Transformer: specifically Optimus Prime. I am sure some of you in the audience shared the same dream. As you can probably guess, unfortunately, this dream did not come true. But what

Read More ›

The Open Source Cookbook: Understanding Your Software Ingredients

As I introduced in my last article, where we explored the variance among open source components, distros, and forks, open source software and modern application development can be equated to baking. This analogy allows us to explore potentially complex topics through the more familiar lens of one’s unique take on popular recipes. This time, I’d

Read More ›

Why you need to be thinking about API Security

As cyber attackers continue to take advantage of vulnerable people, processes, and technology, they are now expanding their operations beyond “traditional” targets. It seems that nothing is outside of their jurisdiction and no one is 100 percent safe from their malicious campaigns. Although organizations are making strides in the right direction to protect themselves, as

Read More ›

AppSec Training – Necessary, but not sufficient

It’s no secret that the earlier you discover security bugs in the software development life cycle (SDLC), the more time, money, and resources you will save. While making use of “reactive” security testing tools such as SAST and IAST is necessary to prevent vulnerabilities from entering production, a proactive approach that eliminates the introduction of

Read More ›

9 Key Players for a Winning Security Team

9 Key Players for a Winning Security Team

Basketball legend Michael Jordan once said, “Talent wins games, but teamwork and intelligence win championships.” When it comes to something as important as your company’s security, you can’t afford to rely on anything less than a championship security team. What does a championship security team mean for your organization? You may have hired the best

Read More ›

Don’t Get Phished – 7 Tips to Avoid This Common Cyber Attack

Don’t Get Phished – 7 Tips to Avoid This Common Cyber Attack

Phishing is the most common type of cyber-attack that impacts organizations both large and small. These attacks may take many forms, but they all share a common goal – getting you to share sensitive information such as login credentials, credit card information, or bank account details. Unfortunately, some of the more common ways we might

Read More ›

Managing Software Security 10 Essential Best Practices [Infographic]

Managing Software Security: 10 Essential Best Practices [Infographic]

Is your software security program up to the challenges of a rapidly accelerating software delivery environment? Most aren’t – and it’s challenging to both identify the problems and determine the best ways to manage software security in a DevOps environment. Learn some of the essential best practices for managing software security now. Educate Your Team

Read More ›

Jump to Category