Checkmarx Blog

blog-3-ways-to-prevent-xss

3 Ways to Prevent XSS

Oct 09, 2017 By Sarah Vonnegut | When we discuss vulnerabilities in applications, there are different categories that we come across. Some vulnerabilities are extremely common yet allow for little or no damage should an attacker discover and exploit them, while others are incredibly rare but can have major, lasting impact on the organizations behind the attacked application. Then, there’s the third category: Common and deadly. Cross-Site Scripting,  commonly shortened to XSS, is one of the most common vulnerabilities found in applications, and can cause serious damage given the right time and the right attacker.   Read More »
blog-mobile-hacks-infog

Top Mobile Hacks of 2017 [INFOGRAPHIC]

Oct 02, 2017 By Arden Rubens | Happy October! And we all know what that means… Cooler weather, fuzzy sweaters, pumpkin spiced everything, and National Cyber Security Awareness Month (NCSAM). In honor of NCSAM, we’re taking a dive into the world of mobile and will be sharing ways to keep your developers #CyberAware so that you don’t fall victim to some of the threats, hacks, and breaches we’re discussing in this blog post. Read More »
blog-why-you-need-automated-security-in-an-agile-software-environment

Why You Need Automated Security in an Agile Software Environment

Sep 25, 2017 By Sarah Vonnegut | Today’s business cycles require faster and more innovative results more than ever before in order to stay competitive. As organizations have started speeding up their time to market, they quickly realized the waterfall methodology was no longer working, and responded with the creation and adoption of rapid application development methodologies. One of those methodologies, agile software development is arguably the most popular of these methodologies, and has been adopted by thousands of organizations around the world.   Read More »
blog-coding-securily-in-javascript

How You Can Be Coding Securely in JavaScript

Sep 18, 2017 By Arden Rubens | According to Stack Overflow’s annual Developer Survey, JavaScript dominates as the most commonly used programming language for the fifth year in a row and remains the #1 most popular language by occupation. With its top spot in the programming language world, it should come as no surprise that JavaScript is absolutely everywhere – from your servers to your smartphones.   Read More »
blog-the-equifax-data-breach-what-you-need-to-know

The Equifax Data Breach: What You Need To Know

Sep 11, 2017 By Arden Rubens | All data breaches are bad, but this past Thursday the United States was shook by one of the biggest breaches the world has ever seen. Equifax, a credit monitoring company, disclosed that the breach of its system exposed the Social Security Numbers, driver’s licenses, phone numbers, birthdays and addresses of as many as 143 million Americans.   Read More »
blog-august-infographic

August 2017: Top Hacks and Breaches [INFOGRAPHIC]

Sep 04, 2017 By Arden Rubens | New research shows that at the end of 2016, predictions were being made that the amount of cyberattacks are set to double in 2017 – as we are inching towards the end of 2017, those predictions were made true. And then some. August proved to be a busy month, with cyberattacks hitting every sector and some big names across industries. Let’s take a closer look at the month of August in hacks and breaches.   Read More »
blog-jenkins

A Closer Look: Securing with Jenkins

Aug 28, 2017 By Arden Rubens | Acclaimed by the DevOps world and best known as the leading open source automation server for continuous integration (CI) and continuous delivery (CD), Jenkins is a Java-based program designed to monitor a set of executions in a software environment. Jenkins allows developers to rapidly detect and resolve errors in the code base and boosts automated build testing.   Read More »
blog-hbo-hacks

Timeline: HBO’s Month of Hacks [INFOGRAPHIC]

Aug 21, 2017 By Arden Rubens | For the web is dark and filled with hackers…   Winter came for HBO at the start of August, as they were hit with hacks and data leaks (and a couple of their own mistakes). And as August progresses, we feel it’s safe to say that August marks the Long Night for the cable network, as every few days a new leak or development in the story makes headlines.   Read More »
blog-php-framework

An In Depth Look: Top PHP Frameworks

Aug 10, 2017 By Arden Rubens | PHP is an open source scripting language designed for web development. When the language was first released in 1994, PHP stood for Personal Home Page. Today, PHP is referred to as a backronym – PHP, Hypertext Preprocessor.   PHP is a dynamic language allowing developers run their code instantly, without having to compile it first. What makes PHP unique from other client-side languages is that the code is executed on the server which generates HTML before it’s sent to the client.   Read More »
blog-wireless-ip-cams

Are You Being Watched Through Your Connected Cameras?

Aug 02, 2017 By Arden Rubens | In October 2016, a massive distributed denial-of-service (DDoS) attack left millions of people around the world without major websites – including Twitter, Reddit, and Amazon – by taking them off the grid. This was directly caused by attackers easily guessing easy/default passwords on wireless IP cameras which were infected with a malware and then used to create a botnet. This incident is not only considered one of the biggest cyberattacks ever, but also one of the more recent hacks and breaches revolving around webcams and wireless IP cameras.   Read More »

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Get a Checkmarx Free Demo Now

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.