News
Major Tinder security flaw could enable hackers to spy on your swipes
January 23, 2018The security flaw, which Checkmarx demonstrated in a proof-of-concept app, enables a third party to intercept images, provided the user is on the same Wi-Fi network. The malicious individual could even use... Read More
Swipe fright: Tinder hackers may know how desperate you really are
January 23, 2018A lack of security protections in Tinder's mobile app is leaving lonely hearts vulnerable to eavesdropping. That's according to security biz Checkmarx this week, which claimed Android and iOS builds of the... Read More
Vulnerabilities let people see your Tinder swipes and photos
January 23, 2018You might want to swipe left on Tinder's security. Researchers at Checkmarx, which helps developers test the security of their applications, said in a blog post Tuesday that the popular dating app has... Read More
2018 DevOps Predictions
December 18, 2017In 2018 one major change we will see as it relates to Application Security (AppSec) is that there will be a reduction of organizations running their own dynamic application security testing (DAST). Many organizations will begin to leverage interactive application security testing (IAST), validating the results by running DAST-as-a-Service. Looking... Read More
Why mobile game developers need to say “Game Over” to the man-in-the-middle
December 14, 2017With a whopping 2.2 billion smartphone users worldwide, it is no surprise that mobile games make up 42 percent of the gaming market equating to $46.1 billion in revenue. What... Read More
Predictions 2018: How DevOps, AI Will Impact Security
December 14, 2017Amit Ashbel, Director of Product Marketing and Cyber Security Evangelist, Checkmarx: Here’s what’s next for DevOps. “DevOps is still maturing, and while many organizations are shifting to DevOps, many are still in the process and not there yet. That said, the DevOps movement will continue to grow and increase its scope to cover... Read More
Infosec expert viewpoint: DevOps security
November 27, 2017In talking to companies all over the U.S, it is almost unanimous that DevOps is here to stay. DevOps modernizes the software development life cycle and deployment to account for the way businesses are run. I would say 90-95% of enterprise companies have some sort of DevOps initiative and are... Read More
Share the Cost of Secure Application Development
November 22, 2017The cost of protecting applications from cyberattacks is climbing fast. So, it's time for business units to help cover the pricetag. The 2017 Ponemon Institute study reaffirms that while this year has seen more hacks and breaches than 2016, organizations are actually spending less money per breach. But the climbing security stocks... Read More
The Best Way for Dev and Ops to Collaborate
November 9, 2017The DevOps culture removes the barriers between departments, and especially among those most deeply involved in DevOps; that is, the operations teams and developers. Historically, there has been a culture... Read More
How Checkmarx Is Helping Developers Improve Mobile Security Skills
October 26, 2017Checkmarx has launched new mobile security courses for developers. The interactive courses include secure coding for Android Java, Android Kotlin, iOS Objective C, and iOS Swift. There are 9 free courses which... Read More
Checkmarx 2018 Predictions: DevOps is Here to Stay
October 23, 2017One of the biggest areas for application security in 2018 is how it fits within a true DevOps environment. In my discussions with some of the largest organizations in the world there seems to be one common theme, and that is the movement to a true DevOps program. DevOps is a hot... Read More
Checkmarx Expands Codebashing Developer Application Security Training With New Interactive Mobile Security Courses
October 17, 2017The importance of integrating security tests in the software development life cycle is commonly discussed and widely agreed upon, yet getting developers to write secure code to begin with is... Read More
ShiftLeft’s new cybersecurity platform customizes itself for every workload
October 11, 2017Thanks to sophisticated development tools and practices that have emerged in recent years, application teams are producing code faster than ever. The downside is that the shorter release cycles become, the... Read More
Cloud-native apps push static code analysis tools to the limit
September 27, 2017Matt Rose is the global director of application security strategy at Checkmarx, an organization that provides static code analysis tools that play a key role in the secure software testing... Read More
Pumpkin-Spiced Cybersecurity: October Is National Cyber Security Awareness Month
September 27, 2017Cyberattacks, including global ransomware attacks, massive data breaches, and distributed denial-of-service attacks have recently dominated the headlines, saturating consumers’ news intake with stories about cybersecurity threats. These repeated reminders of... Read More
A bug fix always beats a round of risk assessments
September 26, 2017“Many organizations have an effective process for identifying problems, but no process for remediation,” said Matt Rose, the global director of application security strategy at Checkmarx. “Organizations do a lot... Read More
CloudBees, partners add Jenkins services, security
September 25, 2017For its part, Checkmarx, an application security software company, introduced a new release of its Interactive Application Security Testing product, CxIAST. The product enables continuous application security testing in real time, so software delivery schedules are not affected by security testing. Click here to continue reading Read More
Containers and microservices complicate cloud-native security
September 13, 2017But not every data breach can be blamed on an end user, which is why developers must be vigilant when it comes to cloud-native security. According to Matt Rose, global director of application security strategy at Checkmarx, it's commonplace for his software company's static code analysis tools to identify places... Read More
Jenkins World 2017 Highlights the Growing Ubiquity of Continuous Integration
August 31, 2017Matt Rose, global director of application security strategy at Checkmarx, said that Jenkins is the bellwether for the CI/CD world. “Most of our customers are using Jenkins in some way.... Read More
Gigster receives $20M in funding, Checkmarx’s DevSecOps platform, and Okta’s two-factor authentication — SD Times news digest: August 30, 2017
August 30, 2017At Jenkins World 2017, Checkmarx announced its new Interactive Application Security Testing solution, CxIAST, which gives teams continuous application security testing in real time, with zero scan time, accuracy and... Read More