In the News

Application Security Leader Checkmarx Expands U.S. Footprint with New Atlanta Office

23 May 2017 | By Business Wire

ATLANTA--(BUSINESS WIRE)--Checkmarx, a global leader in Application Security Testing (AST), today announced the official opening of a new office location in Atlanta, GA. The office is located at 7000 Central Parkway, Suite 1045, and will unite Checkmarx’s U.S. sales, customer success and technical support operations together in a city known for its blossoming technology ecosystem.

 

Click here to continue reading. 

ATLANTA–(BUSINESS WIRE)–Checkmarx, a global leader in Application Security Testing (AST), today announced the official opening of a new office location in Atlanta, GA. The office is located at 7000 Central Parkway, Suite 1045, and will unite Checkmarx’s U.S. sales, customer success and technical support operations together in a city known for its blossoming technology ecosystem.

 

Click here to continue reading. 


</close>

The importance of application security in an increasingly connected world

5 May 2017 | By Amit Ashbel

We're living in a world where technology is increasingly part of our everyday lives. Unfortunately, despite the advantages that all of this new technology offers, it also comes with risk. Although there is research to suggest that developers are becoming more security conscious, applications are still being developed without security in mind.

According to recent research from Ofcom's Tech Tracker, 71 percent of UK adults had a smartphone last year. Meanwhile even though the general feeling among researchers and analysts is that IoT devices will amount to approximately 30 billion by 2020 rather than the earlier predicted 50 billion, 30 billion is still a lot of connected devices. And just looking at the App Store at the beginning of this year, there were 2.2 million downloadable applications. As applications present such a large surface area for potential attacks, it's essential that organisations understand the context of application development and the differences between native and hybrid mobile development.

 

Continue reading on SC Magazine UK

We’re living in a world where technology is increasingly part of our everyday lives. Unfortunately, despite the advantages that all of this new technology offers, it also comes with risk. Although there is research to suggest that developers are becoming more security conscious, applications are still being developed without security in mind.

According to recent research from Ofcom’s Tech Tracker, 71 percent of UK adults had a smartphone last year. Meanwhile even though the general feeling among researchers and analysts is that IoT devices will amount to approximately 30 billion by 2020 rather than the earlier predicted 50 billion, 30 billion is still a lot of connected devices. And just looking at the App Store at the beginning of this year, there were 2.2 million downloadable applications. As applications present such a large surface area for potential attacks, it’s essential that organisations understand the context of application development and the differences between native and hybrid mobile development.

 

Continue reading on SC Magazine UK


</close>

April 2017: The month in hacks and breaches

2 May 2017 | By CSO Staff

More than 500,000 Australian websites went dark on April 13 thanks to a DDoS attack, and the month ended with a hacker stealing an entire unreleased season of Netflix’s Orange Is the New Black show.  Scroll down to see a timeline of all of last month’s hacks and breaches, compiled by application security provider Checkmarx.

 

Read the full article here

More than 500,000 Australian websites went dark on April 13 thanks to a DDoS attack, and the month ended with a hacker stealing an entire unreleased season of Netflix’s Orange Is the New Black show.  Scroll down to see a timeline of all of last month’s hacks and breaches, compiled by application security provider Checkmarx.

 

Read the full article here


</close>

Microsoft Build Partners

1 May 2017 | By Madison Moore

Checkmarx is an application security software company, whose mission is to provide enterprise organizations with application security testing products and services that empower developers to deliver secure applications.  The new Checkmarx (CxSAST) Microsoft Visual Studio Team Services Plugin allows organizations with agile development practices to embed security into their software development lifecycle (SDLC) without the delays traditionally caused by application security testing.  Amongst the company’s 1,100+ customers are five of the world’s top 10 software vendors, Fortune 500 and government organizations.

 

Read the full article on SD Times

Checkmarx is an application security software company, whose mission is to provide enterprise organizations with application security testing products and services that empower developers to deliver secure applications.  The new Checkmarx (CxSAST) Microsoft Visual Studio Team Services Plugin allows organizations with agile development practices to embed security into their software development lifecycle (SDLC) without the delays traditionally caused by application security testing.  Amongst the company’s 1,100+ customers are five of the world’s top 10 software vendors, Fortune 500 and government organizations.

 

Read the full article on SD Times


</close>

IoT will only ever be as secure as its application code

27 Apr 2017 | By Amit Ashbel

The Internet of Things offers a beautiful, interconnected vision of the future. However, secure code has to underpin all things IoT because just one chink in the armor leaves us all vulnerable.

The pace at which the Internet of Things (IoT) is entering our homes and workplaces is phenomenal. This proliferation brings lots of potential benefits to users but it also presents numerous security risks. There is currently no common IoT platform; instead there are various tech giants competing to own the IoT platform of choice with securing that platform seeming to be a lesser consideration. The Open Web Application Security Project (OWASP)’s top ten IoT list of vulnerabilities gives recommendations on how to develop IoT applications that will help fight off hacking attempts. In the IoT space, releases are generally quick and often so OWASPs top ten is certainly helpful but they can only have a positive affect if the underlying application code itself is secure.

 

Click here to continue reading/wp-content/uploads/2017/04/Logos-for-INT-345x195-px.png

The Internet of Things offers a beautiful, interconnected vision of the future. However, secure code has to underpin all things IoT because just one chink in the armor leaves us all vulnerable.

The pace at which the Internet of Things (IoT) is entering our homes and workplaces is phenomenal. This proliferation brings lots of potential benefits to users but it also presents numerous security risks. There is currently no common IoT platform; instead there are various tech giants competing to own the IoT platform of choice with securing that platform seeming to be a lesser consideration. The Open Web Application Security Project (OWASP)’s top ten IoT list of vulnerabilities gives recommendations on how to develop IoT applications that will help fight off hacking attempts. In the IoT space, releases are generally quick and often so OWASPs top ten is certainly helpful but they can only have a positive affect if the underlying application code itself is secure.

 

Click here to continue reading/wp-content/uploads/2017/04/Logos-for-INT-345×195-px.png


</close>

6 Ways to Be Your CISO’s Security Team MVP

20 Apr 2017 | By Arden Rubens

Security maturity, as cliché as it sounds, is a journey – not a destination. Security isn’t something that can ever be considered “done” because there will always be new technologies, business objectives or processes to secure and align with.
The good news is you don’t have to be a CISO to affect changes in an organization. If you’re a dedicated security professional, you can absolutely help guide how security is implemented in your organization, as well as how security is perceived to the larger organization. Incorporate the following 6 tips into your professional role and make yourself and the security team look like total pros!

 

Read the full article on IT Briefcase 

Security maturity, as cliché as it sounds, is a journey – not a destination. Security isn’t something that can ever be considered “done” because there will always be new technologies, business objectives or processes to secure and align with.
The good news is you don’t have to be a CISO to affect changes in an organization. If you’re a dedicated security professional, you can absolutely help guide how security is implemented in your organization, as well as how security is perceived to the larger organization. Incorporate the following 6 tips into your professional role and make yourself and the security team look like total pros!

 

Read the full article on IT Briefcase 


</close>

German, Israeli companies to cooperate on cybersecurity

12 Apr 2017 | By Tova Cohen

The Cyber-Security Council Germany said on Wednesday it opened its first international chapter with security firm Checkmarx in Israel, establishing a bridge between German and Israeli cybersecurity communities.

"Cyber threats are not bound to national borders, so that transnational cooperation and networking is inevitable for the exchange of know-how and best practices," said Philipp von Saldern, president of the council, whose members include companies, experts and policymakers in cybersecurity.

 

Read the full article here

The Cyber-Security Council Germany said on Wednesday it opened its first international chapter with security firm Checkmarx in Israel, establishing a bridge between German and Israeli cybersecurity communities.

“Cyber threats are not bound to national borders, so that transnational cooperation and networking is inevitable for the exchange of know-how and best practices,” said Philipp von Saldern, president of the council, whose members include companies, experts and policymakers in cybersecurity.

 

Read the full article here


</close>

Essential Steps to Become Agile – Part 3

7 Apr 2017 | By DevOps Digest

In my opinion, shifting to Agile is easier than what some organizations may think. Overall, making deliveries smaller is key for a successful Agile workflow, it's easier to steer a small boat and fix its course than changing a huge ship's course which requires much more preparations and resources. The main technological challenge is to identify what pieces of technology hinder the Agile process and replace them with modern solutions. A great example from my point of view would be source code analysis. SCA used to be a long process designed purely for waterfall concepts, however, not many solutions have adapted their products to work in fast paced Agile environments so making sure your SCA solution can keep up with short development cycles is critical for your Agile development process.
Amit Ashbel
Cyber Security Evangelist, Checkmarx

 

Read the full article here.

In my opinion, shifting to Agile is easier than what some organizations may think. Overall, making deliveries smaller is key for a successful Agile workflow, it’s easier to steer a small boat and fix its course than changing a huge ship’s course which requires much more preparations and resources. The main technological challenge is to identify what pieces of technology hinder the Agile process and replace them with modern solutions. A great example from my point of view would be source code analysis. SCA used to be a long process designed purely for waterfall concepts, however, not many solutions have adapted their products to work in fast paced Agile environments so making sure your SCA solution can keep up with short development cycles is critical for your Agile development process.
Amit Ashbel
Cyber Security Evangelist, Checkmarx

 

Read the full article here.


</close>

Leading global bank implements Checkmarx Source Code Analysis to strengthen security

5 Apr 2017 | By Dawn Nicholls

Checkmarx has announced that a leading American international banking and financial services holding company is implementing the Checkmarx solution to further strengthen its security posture and deliver secure applications to its customers. This means that four of the largest American banks have adopted Checkmarx to enhance their application security. By working with Checkmarx, the financial institution is prioritizing the security of its assets and customers’ financial and personal data, while also advancing its static code coverage by integrating application security testing and remediation.

Following an extensive search and testing period of various solutions, the company concluded that only Checkmarx’s unique and extensive coverage of programming languages met its requirements. The company based its decision on the strength of Checkmarx’s features, such as the incremental scan, the seamless integration with DevOps toolchain, and the flexibility and accuracy delivered through customizable code analysis queries.

Read more here

Checkmarx has announced that a leading American international banking and financial services holding company is implementing the Checkmarx solution to further strengthen its security posture and deliver secure applications to its customers. This means that four of the largest American banks have adopted Checkmarx to enhance their application security. By working with Checkmarx, the financial institution is prioritizing the security of its assets and customers’ financial and personal data, while also advancing its static code coverage by integrating application security testing and remediation.

Following an extensive search and testing period of various solutions, the company concluded that only Checkmarx’s unique and extensive coverage of programming languages met its requirements. The company based its decision on the strength of Checkmarx’s features, such as the incremental scan, the seamless integration with DevOps toolchain, and the flexibility and accuracy delivered through customizable code analysis queries.

Read more here


</close>

Source code analysis strengthens bank’s security

4 Apr 2017 | By Digitalisation World

A leading American international banking and financial services holding company is implementing the Checkmarx solution to further strengthen its security posture and deliver secure applications to its customers.

This means that four of the largest American banks have adopted Checkmarx to enhance their application security. By working with Checkmarx, the financial institution is prioritizing the security of its assets and customers’ financial and personal data, while also advancing its static code coverage by integrating application security testing and remediation.

Continue reading here

A leading American international banking and financial services holding company is implementing the Checkmarx solution to further strengthen its security posture and deliver secure applications to its customers.

This means that four of the largest American banks have adopted Checkmarx to enhance their application security. By working with Checkmarx, the financial institution is prioritizing the security of its assets and customers’ financial and personal data, while also advancing its static code coverage by integrating application security testing and remediation.

Continue reading here


</close>

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.