Checkmarx Announces New GitHub Action

Checkmarx Blog

How Agencies Can Take Advantage of DevSecOps and Automation to Accelerate ATOs

As federal agencies develop more online services and systems to meet the mission of the U.S. government, their appetite and need to develop and deploy secure software applications rapidly continues to grow. Many agencies are embracing DevSecOps and cloud services as a way to release these applications quickly; however, the need to meet compliance standards

Read More ›

Drupal Core: Behind the Vulnerability

Earlier this year, the Checkmarx Security Research Team conducted an investigation of the new version of Drupal Core (Drupal 9) – a content management system (CMS) written in PHP – uncovering several interesting issues whose technical details are worth discussing openly. This article covers the technical facets of CVE-2020-13663 that were made public by Checkmarx

Read More ›

Apache Unomi CVE-2020-13942: RCE Vulnerabilities Discovered

“Apache Unomi is a Java Open Source customer data platform, a Java server designed to manage customers, leads and visitors’ data and help personalize customers experiences,” according to its website. Unomi can be used to integrate personalization and profile management within very different systems such as CMSs, CRMs, Issue Trackers, native mobile applications, etc. Unomi

Read More ›

5 Irrefutable Reasons to Prioritize Software Security

These days, technology is evolving at a pace like never before seen, forcing organizations into an “adapt or die” situation. And, as digital transformation accelerates, everyone is feeling the effects. DevOps leaders, AppSec managers, and developers are certainly no exception, as they’re being tasked with developing and deploying software at a faster rate to keep

Read More ›

Checkmarx Solutions Now Available for Purchase on AWS Marketplace

Checkmarx is excited to announce that our solutions are now available for purchase via AWS Marketplace! With this, organizations can easily procure and deploy Checkmarx application security testing products – CxSAST, CxIAST, CxSCA, and CxCodebashing – into their AWS CI/CD pipelines to ensure security and compliance across all applications running in the AWS cloud environment.

Read More ›

Jump to Category