Checkmarx Blog

The Future of Cyber Security – Part 1

Aug 25, 2016 By Paul Curran | “One of the unique aspects of IoT (Internet of Things) is that it’s bringing cybersecurity into the physical realm.” Intel Security Group Senior VP Chris Young. For those that didn’t live through the fear mongering surrounding the anticipated disasters stemming from Y2K, cyber security hasn’t been something that has made a major impact on the average person’s life.

Federal Forecast: Cyber Security in 2017

Aug 21, 2016 By Paul Curran | As America still reels from the damage created after the giant Office of Personnel Management (OPM) hack, it’s time to wonder what 2017 has in store for American federal cyber security. It’s not even over yet, and 2016 has been a big year not only for major breaches targeting federal agencies, but also for some big strides forward in the way that America’s treating the future of cyber security.  

All About Encryption: Security, News and a Brief History

Aug 18, 2016 By Paul Curran | WhatsApp recently made global headlines with the news that all forms of communication sent through the app feature end-to-end encryption. This additional layer of security meant that all messages and files would be secured from falling into the wrong hands, but what is needed to properly encrypt data, and what happens when sensitive data is not properly encrypted?

Major Hacks and Breaches for July 2016 [INFOGRAPHIC]

Aug 16, 2016 By Paul Curran | Summer 2016 continues to heat up with hacks, breaches and discoveries of major vulnerabilities. From automotive to the Internet of Things (IoT) and from Vietnamese airports to Taiwanese ATMs, July was a big month for cyber security news. Both Fiat Chrysler and BMW feature in this month’s infographic, although for different reasons: Fiat Chrysler took the preventative step of launching a bug bounty program for its website and mobile applications, while two serious vulnerabilities were discovered in BMW’s web portal.

Hybrid versus Native Mobile App Development: Methodologies, Risks and Tools

Aug 10, 2016 By Paul Curran | As our focus changes from content on the web to content on mobile, our mobile devices play an increasingly vital role in the way we communicate, consume content, conduct business and more. For organizations and businesses in every vertical, mobile applications are no longer an option, but a requirement in order to stay ahead of the curve and relevant with their customers. Read on to learn about hybrid versus native mobile development when it comes to methodologies, risks and tools.

The Need for HIPAA Compliance in the Crowded Mobile Health Space

Aug 08, 2016 By Paul Curran | As the mHealth (mobile health) vertical continues to expand from healthcare apps to fitness trackers, and from doctor appointment scheduling helpers to peer support communities, the control and privacy that end users have over their personal health records are being increasingly jeopardized. New applications and digital health resources keep emerging, making it unclear whether the sensitive data stored within will be secured and covered under the Health Insurance Portability and Accountability Act (HIPAA).

The Best Ways to Ensure a Lasting Secure SDLC

Aug 05, 2016 By Sarah Vonnegut | To start the discussion on why a Secure SDLC is more important now than ever, we need to take a look at the evolution in applications and how they’re being secured. Both applications and the way organizations are tasked with securing them have changed dramatically over the past few decades.

PCI Compliance for Version 3.2: FAQs and To-do’s

Aug 03, 2016 By Paul Curran | As families all across America dress up and trickle into the streets for trick-or-treating on October 31st, 2016, there is one more ghost that will be vanishing into the chilly, autumn air at midnight: PCI DSS version 3.1.
Since the introduction of PCI DSS 3.2 in April 2016, organizations have been working hard to ensure that they’re compliant with the new standards put forth by the Payment Card Industry Security Standards Council (PCI SSC). What threats to the payment card industry prompted this incremental update, and what new protections will version 3.2 contain?

Common Oversights in Mobile App Security

Aug 02, 2016 By Kevin Beaver | Mobile apps arguably have the greatest number of security flaws of any enterprise system – and no one seems to know much about them. Mobile app security flaws are numerous across all types of business apps. But why? Perhaps it’s the mentality that “it’s just an app” or the reality that many business owners, especially those in smaller businesses who might not have advanced security, fall for the marketing hype of “we’ve got to have a mobile app,” without including security in the discussion. Mobile apps are as complex as ever, yet the security flaws are very predictable – and the bad guys know it.

The 13 Most Helpful Pentesting Resources

Jul 26, 2016 By Sarah Vonnegut | Penetration testing, more commonly called pentesting, is the practice of finding holes that could be exploited in an application, network or system with the goal of detecting security vulnerabilities that a hacker could use against it. Pentesting is used to detect three things: how the system reacts to an attack, which weak spots exist that could be breached, if any, and what data could be stolen from an active system.