As old as web browsers themselves, cross-site scripting (XSS) has been an ongoing issue in the security world. Its’ consistent appearance on the OWASP Top 10 and in news reports of cross-site scripting attacks has kept the security issue in the spotlight over the years. Yet after two decades the security issue remains one of the
Manage your software where it’s created. It is in your continuous integration environment where the various pieces of code become software. While some of the software is proprietary, much of it (probably over 50%) is open source components, as your development teams use open source components to boost their productivity and make better products. You most
In our global, digital world, data is king – and malicious attackers are on a constant lookout for ways to conquer the throne. With a rapidly changing business landscape,the old, reactive approaches to security are no longer enough – if they ever were. Effective application security leaders are changing their tactics to keep up with the transformations.
2014 will go down as the year of the mega-attacks. It all started off during last years holiday season with the Target hackings that affected over 100 million customers. Soon the Heartbleed and Shellshock vulnerabilities were exposed, causing havoc all across the planet. The hackings kept on coming in the latter stages of the year
This post originally appeared on SCMagazine.com. By Maty Siman, Checkmarx Founder & CTO When it comes to an organization’s software security, there’s been a chronic disconnect between the developers who write and build the code and the security teams who audit and enforce the code’s security. This divide historically arose from common misunderstandings: programmers believe that
Dave Ferguson is back with another guest blog! Make sure you check out his blog here, and read his original post, ‘Keeping Up With The Hackers: Where to Practice Your Web Hacking Skills,’ here. Testing your software for vulnerabilities is important. There’s no doubt about it, but if there’s something I’ve learned over the years when
With more and more leading applications and websites are being hacked, internet users are thinking twice before sharing personal information online. With hacktivism, commercial espionage and criminal hackings on the rise, it has become extremely crucial to safeguard databases and make sure that adequate application-layer security is in place. Unfortunately, the responsibility for providing this
Hacktivism, commercial malware and criminal exploitation have become the norm in today’s cyberspace. This worrying trend has magnified the need for a comprehensive testing solution that can be integrated into the SDLC. Enter Source Code Analysis (SCA).
For many in the U.S., the Thanksgiving weekend officially begins at the end of today’s work day and thus starts the beginning of the holiday season. This year there will already be enough pains to deal with: congested roads, packed stores and airports, not to mention messy weather. One headache you can avoid is Cybercrime, so