Checkmarx Named a Leader in Gartner Magic Quadrant for Application Security Testing

AppSec Tips
& Best Practices

Learn from AppSec success stories and discover tips and best
practices for Developers, CISOs and Security Managers to help
in securing every part of the SDLC.

Key Tips to Make Your Software Security Program Thrive

Learn 10 Key Tips to Make Your Software Security Program Thrive

The DevOps era brings together skyrocketing complexity with white-hot speed of delivery to create growing value and responsiveness in software design. Companies such as Amazon deploy code every 11 seconds, while Facebook executes 50,000 builds each day. With so much complexity and speed, the risk of security vulnerabilities slipping through the cracks is magnified intensely.

Read More ›

A Closer Look: OWASP Top 10 2017 – Application Security Risks

Open Web Application Security Project (OWASP) is an organization filled with security experts from around the world who provide information about applications and the risks posed, in the most direct, neutral, and practical way. Since 2003, OWASP has been releasing the OWASP Top 10 list every three/four years. The list consists of the top biggest Application Security

Read More ›

Continuous Security Testing for Microservices

Being a part of today’s tech-industry, you probably notice all winds blowing towards the implementation of DevOps and CI\CD methodologies, and rightfully so. Today’s software developers face an ever growing need for speedy development-to-production cycles with uncompromising security and reliability. One way of facing the speed versus quality challenge is the introduction of microservices.  

Read More ›

3 Ways to Prevent XSS

When we discuss vulnerabilities in applications, there are different categories that we come across. Some vulnerabilities are extremely common yet allow for little or no damage should an attacker discover and exploit them, while others are incredibly rare but can have major, lasting impact on the organizations behind the attacked application. Then, there’s the third

Read More ›

Why You Need Automated Security in an Agile Software Environment

Why You Need Automated Security in an Agile Software Environment

Today’s business cycles require faster and more innovative results more than ever before in order to stay competitive. As organizations speed up their time to market, they are realizing the waterfall methodology is no longer working. Now they are creating and adopting rapid application development methodologies. One of those methodologies, agile software development is arguably

Read More ›

A Closer Look: Securing with Jenkins

Acclaimed by the DevOps world and best known as the leading open source automation server for continuous integration (CI) and continuous delivery (CD), Jenkins is a Java-based program designed to monitor a set of executions in a software environment. Jenkins allows developers to rapidly detect and resolve errors in the code base and boosts automated

Read More ›

An In Depth Look: Top PHP Frameworks

PHP is an open source scripting language designed for web development. When the language was first released in 1994, PHP stood for Personal Home Page. Today, PHP is referred to as a backronym – PHP, Hypertext Preprocessor.   PHP is a dynamic language allowing developers run their code instantly, without having to compile it first.

Read More ›

AppSec Metrics That Matter

  Metrics matter. Metrics are important because they tell you, stakeholders and budget planners how well you’re meeting your set goals. Metrics ensure that your program has visibility and is the only way to effectively communicate the value of your application security program. If you simply go through the AppSec motions of scanning and fixing,

Read More ›

Jump to Category