Checkmarx Acquires Custodela to Bring Enhanced Automation to DevSecOps Programs!

In the News

NFCDrip: Português descobre falha que afeta smartphones, impressoras e milhões de outros equipamentos

27 Oct 2018 | By

Vulnerabilidade encontrada no NFC pode nunca vir a ter correção. Investigador fala numa mudança de paradigma para aquela que é uma das tecnologias mais populares no mundo.

Vulnerabilidade encontrada no NFC pode nunca vir a ter correção. Investigador fala numa mudança de paradigma para aquela que é uma das tecnologias mais populares no mundo.


</close>

Checkmarx and Fishtech Group partner to help businesses fight software exposure risk

24 Oct 2018 | By HelpNetSecurity

Checkmarx formed a strategic partnership with Fishtech Group to enable customers across North America manage software exposure at the speed of DevOps. Working together, Fishtech Group will become a reseller of Checkmarx’s Software Exposure Platform to help customers release secure software.

Checkmarx formed a strategic partnership with Fishtech Group to enable customers across North America manage software exposure at the speed of DevOps. Working together, Fishtech Group will become a reseller of Checkmarx’s Software Exposure Platform to help customers release secure software.


</close>

NFCdrip Attack Proves Long-Range Data Exfiltration via NFC

18 Oct 2018 | By Eduard Kovacs

Researchers have demonstrated that the near-field communication (NFC) protocol can be used to exfiltrate small amounts of data, such as passwords and encryption keys, over relatively long distances.

Researchers have demonstrated that the near-field communication (NFC) protocol can be used to exfiltrate small amounts of data, such as passwords and encryption keys, over relatively long distances.


</close>

Government payment provider exposes 14M customer records online

19 Sep 2018 | By Duncan Riley

Government Payment Service Inc., a company that offers a service called GovPayNow used by U.S. state and local governments, exposed 14 million records online.
Discovered by security researcher Brian Krebs and revealed Tuesday, the breach included names, addresses, phone numbers and the last four digits of the payer’s credit card going back six years. It was all exposed by the company failing to secure them, leaving them open for anyone to access.

Government Payment Service Inc., a company that offers a service called GovPayNow used by U.S. state and local governments, exposed 14 million records online.
Discovered by security researcher Brian Krebs and revealed Tuesday, the breach included names, addresses, phone numbers and the last four digits of the payer’s credit card going back six years. It was all exposed by the company failing to secure them, leaving them open for anyone to access.


</close>

Addressing Software Exposure Within the DevOps Cycle

16 Aug 2018 | By Maty Siman

There once was a time in software development where developers could design, build and then think about their software's security. However in today's highly connected, API-driven application environment, this approach is simply too risky as it exposes the software to vulnerabilities.

There once was a time in software development where developers could design, build and then think about their software’s security. However in today’s highly connected, API-driven application environment, this approach is simply too risky as it exposes the software to vulnerabilities.


</close>

Add It Up: DevOps Security Needs More Tooling

9 Aug 2018 | By Lawrence Hecht

DevOps teams are involved with security but they need to do more. Two recent studies show that tooling is inadequate and that security is not properly integrated into the entire DevOps process.

DevOps teams are involved with security but they need to do more. Two recent studies show that tooling is inadequate and that security is not properly integrated into the entire DevOps process.


</close>

Black Hat conference in Las Vegas addresses cryptocurrency theft

8 Aug 2018 | By Todd Prince

Crypto phishing — sending emails or creating websites that resemble a trusted crypto company — and cryptojacking — using another person’s computer to mine currencies — are two new methods that are increasingly used, Cisco representatives told a attendees Wednesday at the Black Hat conference in Las Vegas.

Crypto phishing — sending emails or creating websites that resemble a trusted crypto company — and cryptojacking — using another person’s computer to mine currencies — are two new methods that are increasingly used, Cisco representatives told a attendees Wednesday at the Black Hat conference in Las Vegas.


</close>

92 percent of enterprises struggle to integrate security into DevOps

7 Aug 2018 | By Ian Barker

A large majority of organizations are struggling to implement security into their DevOps processes, despite saying they want to do so, according to a new report.

A large majority of organizations are struggling to implement security into their DevOps processes, despite saying they want to do so, according to a new report.


</close>

Report finds most enterprises fail to implement security across DevOps process

7 Aug 2018 | By Duncan Riley

That’s the biggest takeaway from a new report out today from security firm Checkmarx Ltd. “Managing Software Exposure: Time to Fully Embed Security into Your Application Lifecycle” was undertaken in conjunction with FreeForm Dynamics and The Register based on the input of 183 respondents worldwide in a variety of information technology roles.

That’s the biggest takeaway from a new report out today from security firm Checkmarx Ltd. “Managing Software Exposure: Time to Fully Embed Security into Your Application Lifecycle” was undertaken in conjunction with FreeForm Dynamics and The Register based on the input of 183 respondents worldwide in a variety of information technology roles.


</close>

Cybersecurity 500 2018: The Official List

21 May 2018 | By Cybersecurity Ventures

Thousands of startups have been formed over the past decade to focus on combating cybercrime.  The Cybersecurity 500 features the hottest and most innovative companies in this market.

Thousands of startups have been formed over the past decade to focus on combating cybercrime.  The Cybersecurity 500 features the hottest and most innovative companies in this market.


</close>