Checkmarx Blog

Top JavaScript Frameworks for Web Applications

Jun 27, 2016 By Paul Curran | JavaScript is the language behind nearly 90% of all websites today, but what are the top JavaScript frameworks for web applications? Since first launching back in September 1995, JavaScript continues to dominate as the most popular programming language in the world.

The Importance of Database Security and Integrity

Jun 24, 2016 By Sarah Vonnegut | Databases often hold the backbone of an organization: its transactions, customers, employee info, financial data for both the company and its customers, and much more are all held in databases, often left to the power of a database administrator with no security training. Database security and integrity are essential aspects of an organization’s security posture. Yet where data used to be secured in fire-proof, ax-proof, well-locked filing cabinets, databases offer just a few more risks, and due to their size nowadays, they offer a bigger attack surface to a larger number of potentially dangerous users.

OWASP Mobile Top Ten: Avoiding The Most Common Mobile Vulnerabilities

Jun 10, 2016 By Sarah Vonnegut | Another week, another mobile app fiasco. This time around, we learned how an IoT connected car can be controlled through the WiFi installed in the car, enabling Mitsubishi Outlander car owners – as well as attackers – to wirelessly connect to the car’s console, allowing them to do things like turn off the car alarm and mess with the car’s system.
Even tech giants as big as Apple have struggled with mobile app insecurity issues. Last September, the App Store was hit with its own security scandal when Chinese developers used unofficial versions of Apple’s developer toolkit. That move invited malware into apps that somehow passed through Apple’s security standards and were made available to the masses.
Technology is moving fast – perhaps a bit too fast, if we’re factoring in the ability of organizations to implement high security standards throughout the ranks. But slowing down is not a possibility – security cannot afford to lag behind.

Verizon 2016 Data Breach Investigation Report – Takeaways

Jun 09, 2016 By Paul Curran | For the ninth consecutive year, Verizon has published its annual Data Breach Investigations Report (DBIR). Read on to find out Checkmarx’s key takeaways from the Verizon 2016 Data Breach Investigations Report.
The 2016 Data Breach Investigations Report is based on a final dataset of 62,199 security incidents and 2,260 data breaches. These incidents affect organizations in more than 82 countries and the victims are organizations varying in both industry and size.

Cyber Crime Statistics Infographic

May 25, 2016 By Paul Curran | How much are cyber attacks costing organizations across the world? Which breaches are the most costly to fix and how prepared are these organizations? Find out in our cyber crime statistics infographic below.

Great Ways to Get Management on Your Side with Application Security

May 23, 2016 By Kevin Beaver | When it comes to application security, I’ve yet to meet an IT or security professional who hasn’t struggled with getting – and keeping – management on board. The challenges of executive support for security initiatives know no boundaries. Getting management on your side with application security can be a constant battle. What can you do about it?

Do Developers at Facebook use PHP Static Analysis Tools?

May 19, 2016 By Paul Curran | Since its humble beginnings, PHP and Facebook have had an interesting relationship. PHP was at the heart of Facebook code, and in many ways still remains that way, but do developers at Facebook use PHP static analysis tools?

Source Code versus Bytecode Analysis

May 11, 2016 By Paul Curran | In the world of software security, there is an ongoing battle over which category of code analysis delivers a higher level of security into the software development lifecycle (SDLC): source code versus bytecode analysis.
While both bytecode analysis (BCA) and source code analysis (SCA) seem to offer organizations a high level of security when it comes to gauging inherent software risk, which method will expose more vulnerabilities? Which method should your organization be using?
