Checkmarx Named a Leader in The Forrester Wave: SAST

Technical Blog

Take a peek into what the Checkmarx Application Security Research Team is up to by
keeping up with their blogs on the vulnerabilities, exploits, mitigation techniques
and secure coding best practices. 

On the Road to DevSecOps: Security and Privacy Controls per NIST SP 800-53

This past March, the National Institute of Standards and Technology (NIST) released the NIST Special Publication 800-53, Revision 5, which was their final public draft revision. According to the abstract, “This publication provides a catalog of security and privacy controls for federal information systems and organizations to protect organizational operations and assets, individuals, other organizations,

Read More ›

Integrating Checkmarx Security Results within GitLab

The automation and integration of Application Security Testing (AST) is essential for building out a true DevSecOps program. Automation is the easy part. Invoke a security scanners’ REST API or a command line interface inside a pipeline and you can get automated scans. The key, and more tricky part, is integration. What I mean by

Read More ›

Race Conditions Can Exist in Go

Overview The Go Programming Language (also known as Golang) is an open source programming language created by Google. Go is compiled and is statically typed as in C (with garbage collection). It has limited structural typing, memory safety features, and CSP-style concurrent features. In this article, I will cover Go Race Conditions from theory to

Read More ›

You Better Get Going with Go

“I think Node (.js) is not the best system to build a massive server web. I would use Go for that. And honestly, that’s the reason why I left Node. It was the realization that: oh, actually, this is not the best server-side system ever.” (HS, 2017) This quote is by Ryan Dahl the author

Read More ›

Welcome to Checkmarx Golang Week!

When beginning to utilize any new programming language, a frequent obstacle developers face is the sheer lack of secure coding education and training about common pitfalls and coding errors during the language-learning process. The subject of security is often neglected by many articles pertaining to a new language, or security discussions are very scattered throughout

Read More ›

Jump to Category