Application SecurityDevOpssoftware security Why Security and DevOps Desperately Need Couples Counseling Aug 26, 2018 by David Spark While at the 2018 Black Hat Conference in Las Vegas I asked attendees point blank if they think that security and DevOps should be in couples counseling. The universal response was a laugh and then a resounding, “Yes.” The reason couples go to counseling is because they’re not getting along. They’re not communicating. Usually, only the Read More › Application SecurityDevOpssoftware security
Application SecurityDevOpssoftware exposuresoftware security Checkmarx Report: Tackling Software Exposure in the DevOps Cycle Aug 7, 2018 by Maty Siman Today, in an effort to better understand the evolving nature of software delivery and the role security plays, we released a new report, “Managing Software Exposure: Time to Fully Embed Security into Your Application Lifecycle,”which we commissioned with FreeForm Dynamics in coordination with The Register. The report aggregates input from 183 respondents worldwide, the majority Read More › Application SecurityDevOpssoftware exposuresoftware security
Application SecurityDevOpssoftware exposure The Era of Software Exposure Aug 1, 2018 by Bernd Leger Software is at the backbone of the digital transformation We live in a world of massive digital transformation. The technical backbone of this transformation is software. Software can be found everywhere. It is in our homes, in our phones, and in our businesses. Over 80% of the code in today’s software applications is open source. Read More › Application SecurityDevOpssoftware exposure
Application Security Programsoftware exposuresoftware security 20 Ways to Make Application Security Move at the Speed of DevOps Aug 1, 2018 by David Spark Security has been getting a bad rap. For far too long the perceived “inhibitors” have been sidestepped by DevOps in an effort to increase productivity. As Ryan Davidsen, vp, worldwide security solutions, Secureworks, noted, “Traditional approaches for integrating security oversight with application development aren’t keeping pace with the speed required by today’s DevOps teams.” But Read More › Application Security Programsoftware exposuresoftware security
Application SecuritySASTSecure CodingSource Code Analysisstatic code analysis Introducing the Checkmarx Certified Engineer Program (CxCE) Aug 1, 2018 by Liora R. Herman If you were to take a look at the current job market for developers, application security engineers, solution architects, penetration testers, or systems engineers, it’s clear that application security testing skill sets are in high demand. You’ll also notice that Checkmarx has become synonymous with application security testing. Gartner further validated this by naming Checkmarx Read More › Application SecuritySASTSecure CodingSource Code Analysisstatic code analysis
ReDoS in Go May 7, 2018 by Erez Yalon Go Programming Language (also known as Golang) is an open source programming language created by Google. Go is compiled, is statically typed as in C (with garbage collection), with limited structural typing, memory safety features and CSP-style concurrent features. In this blog post, we will recap Go’s security posture facing Regular Expression Denial of Read More ›
Eavesdropping with Amazon Alexa Apr 25, 2018 by Arden Rubens If you’re using an Amazon Echo, your life is undoubtedly made easier. Instead of searching on your phone the “old fashioned” way, you can simply ask Alexa what the weather is like, to play your favorite song, or to dim the lights. For the Echo, similar to the Google Home with voice assistant, listening is Read More ›
Application SecurityRansomware Decrypting JobCrypter Mar 19, 2018 by Erez Yalon Ransomware has been a growing issue for some time now. It has evolved into a big business, moving millions of dollars yearly from victims’ pockets into those of attackers. The modus operandi of ransomware authors is to infect your machine through any vector (phishing, drive-by browser exploits, waterholing, etc.) and then proceed to encrypt your important files. Read More › Application SecurityRansomware
How Secure is Your Online Banking App? Feb 26, 2018 by Sarah Vonnegut Banking has gone digital. Nearly every major bank offers both an online portal as well as a mobile app, and people seem to prefer it that way. A recent PwC survey found that 46% of consumers only use online banking, a massive jump from their previous survey in 2012, in which only 27% used online Read More ›
The History of JavaScript [INFOGRAPHIC] Feb 12, 2018 by Arden Rubens JavaScript was created by Brendan Eich, a Netscape Communications Corporation programmer, in September 1995. It took Eich only 10 days to develop the scripting language which was then known as Mocha. Read More ›