Checkmarx Blog
Timeline: HBO’s Month of Hacks [INFOGRAPHIC]
Aug 21, 2017 By Arden Rubens | For the web is dark and filled with hackers…
Winter came for HBO at the start of August, as they were hit with hacks and data leaks (and a couple of their own mistakes). And as August progresses, we feel it’s safe to say that August marks the Long Night for the cable network, as every few days a new leak or development in the story makes headlines.
Read More »
An In Depth Look: Top PHP Frameworks
Aug 10, 2017 By Arden Rubens | PHP is an open source scripting language designed for web development. When the language was first released in 1994, PHP stood for Personal Home Page. Today, PHP is referred to as a backronym – PHP, Hypertext Preprocessor.
PHP is a dynamic language allowing developers run their code instantly, without having to compile it first. What makes PHP unique from other client-side languages is that the code is executed on the server which generates HTML before it’s sent to the client.
Read More »
Are You Being Watched Through Your Connected Cameras?
Aug 02, 2017 By Arden Rubens | In October 2016, a massive distributed denial-of-service (DDoS) attack left millions of people around the world without major websites – including Twitter, Reddit, and Amazon – by taking them off the grid. This was directly caused by attackers easily guessing easy/default passwords on wireless IP cameras which were infected with a malware and then used to create a botnet. This incident is not only considered one of the biggest cyberattacks ever, but also one of the more recent hacks and breaches revolving around webcams and wireless IP cameras.
Read More »
July 2017: Top Hacks and Breaches [INFOGRAPHIC]
Jul 31, 2017 By Arden Rubens |
With July being the official halfway mark in the year, it’s safe to say that 2017 is giving us both the expected and not-expected hacks and breaches, hitting every industry and affecting just about every country in our world. And this is coming at a pretty high cost. According to a report released by Lloyd’s of London, a major, global cyber attack can trigger about $53 billion of financial losses; a number equivalent to the financial loss of a disastrous natural disaster.
Read More »
We’re excited to announce the acquisition of Codebashing!
Jul 25, 2017 By Arden Rubens | We’re excited to announce the acquisition of Codebashing, a leading application security education platform that specializes in delivering interactive secure coding education for developers, aiming to empower developers with bite-sized interactive lessons to understand the principles of application security.
For organizations across the globe, reaching and maintaining application security is a major challenge. The increasing number of exploits, vulnerabilities, and the bleak repercussions the affected organizations face is a constant reminder of how important strong application security is. Yet, in so many cases, the biggest security risk organizations have is the lack of secure coding knowledge.
Read More »
The ABCs of AppSec Testing: IAST & DAST
Jul 24, 2017 By Arden Rubens | As applications are being hit harder than ever with increasingly sophisticated cyberattacks, organizations are turning to application security testing solutions to keep their applications safe. And as organizations take a peek into the AppSec testing market, they are sure to see many different options. In this blog post we will take a look at two solutions: IAST and DAST.
Read More »
Jul 13, 2017 By Arden Rubens | As organizations modernize and innovate their technologies and flows, traditional Dynamic Application Security Testing (DAST) is being considered a big setback for one big reason: time. With DAST, scanning for vulnerabilities takes time, special skills and maintenance. Therefore, with the rapid pace of CI/CD, it’s becoming more of a challenge to implement DAST. While automation and fast turnarounds are mandatory for a successful application security program in modern development environments, DAST cannot align with these requirements.
Read More »
Jul 11, 2017 By Sarah Vonnegut |
Metrics matter. Metrics are important because they tell you, stakeholders and budget planners how well you’re meeting your set goals. Metrics ensure that your program has visibility and is the only way to effectively communicate the value of your application security program. If you simply go through the AppSec motions of scanning and fixing, you have no insight into how effective your application security program is or if you’re hitting either your security goals or business goals.
Read More »
Australia’s Mandatory Breach Notification Bill – 3 Ways to Prepare Your Organization
Jul 03, 2017 By Sarah Vonnegut | Governments are increasingly taking control of cybersecurity issues for the citizens and organizations they serve. Just last year, Europe passed the General Data Protection Regulation, or GDPR, which requires businesses who handle European citizen’s data to notify customers if they experience a data breach, as well as report it to the regulatory body. In the US, 47 out of 50 states have established state legislature touching on data breach notification requirements, and Canada requires hacked organizations to notify both customers and the Privacy Commissioner.
Read More »
June 2017: Top Hacks and Breaches [INFOGRAPHIC]
Jun 30, 2017 By Arden Rubens | As we dive into June’s biggest hacks and breaches, we begin with OneLogin – a company which allows users to access multiple websites, applications, and services with just a single password. An attacker got hold of highly-sensitive keys for OneLogin’s cloud instance, and successfully in using its front-door key. In a statement released by the company, it was said that the attacked may have “obtained the ability to decrypt some information”.
Read More »
Stay Connected
Sign up today & never miss an update from the Checkmarx blog
