Checkmarx Blog

blog-the-abcs-of-appsec-testing-iast-sast-1

The ABCs of AppSec Testing: IAST & SAST

Jun 15, 2017 By Arden Rubens | With cybercrime on the rise, application security remains a massive challenge for organizations and governments across the globe. When it comes to the safety of applications, Penetration Testing (Pen Testing) and Dynamic Application Security Testing (DAST) both remain standing as capable solutions, but both come with a fair share of inherited weaknesses which raise significant limitations within today’s development landscape.   Read More »
blog-how-to-raise-cybersecurity-awareness

How to Raise Cybersecurity Awareness at all Levels of Your Organization

Jun 15, 2017 By Sarah Vonnegut | We’ve said it once and we’ll say it again: an organization is only as secure as its weakest link. Most, if not all, of your employees are online and on their mobile devices in your workplace, whether you have a BYOD policy in place or not. Developers release software with millions of lines of code, your management discuss and share privileged information, and the rest of the organization opens emails regardless of whether they know the sender or not.   Read More »
blog-why-your-enterprise-needs-devops

Why Your Enterprise Needs DevOps

Jun 12, 2017 By Sarah Vonnegut | The buzzword of the decade is far from just a trend as organizations struggle to keep up with competition. There’s a reason DevOps is so often discussed and highly regarded. As organization after organization makes the switch and reaps the rewards offered by the DevOps culture, it’s time for all those who could enjoy DevOps to at least try it out. By improving software development at every stage, successful organizations have found, they can also improve on quality, stability, and business benefits. Curious? Let’s find out why your enterprise needs DevOps. Read More »
blog-may-infographic

May 2017: Top Hacks and Breaches [INFOGRAPHIC]

Jun 05, 2017 By Arden Rubens | It’s only May, and 2017 is well on its way to set a new cyberattack record. As new statistics show, there have been over 1,200 reported data breaches and around 4,800 discovered vulnerabilities released in the first quarter of this year. So, while this post may focus on the month of May – and some of the hacks and breaches that came with it, including one of the largest cyberattacks of all time – we should brace ourselves for a wild ride as the year continues.   Read More »
blog-stand-out-with-your-appsec-routine-1

5 Steps to Stand Out with your AppSec Routine

Jun 01, 2017 By Sarah Vonnegut | In most organizations, Application Security is sadly behind in adoption, especially when compared to Network Security. And yet, with 84% of attacks aimed at the application layer, we need to turn our focus more towards AppSec. As we use and deploy more and more apps, the interdependencies between them complicate internal infrastructures, leading to more opportunities for misconfigurations and holes that could be used by attackers.   Read More »
blog-media-player-vuln

What You Need To Know: Security Vulnerabilities Found in Major Media Players

May 29, 2017 By Arden Rubens | Major security vulnerabilities have been found in several popular media players – including Kodi, PopcornTime, Streamio, and VLC – have been uncovered in new research released by Check Point. Around 200 million users could potentially be at risk.   Read More »
blog-a-closer-look-owasp-top-10-application-security-risks

A Closer Look: OWASP Top 10 Application Security Risks

May 22, 2017 By Arden Rubens | Open Web Application Security Project (OWASP) is an organization filled with security experts from around the world who provide information about applications and the risks posed, in the most direct, neutral, and practical way. Since 2003, the OWASP Top 10 releases a list every four years consisting of the top biggest Application Security Risks.   Read More »
blog-owasp-infographic

INFOGRAPHIC: OWASP Top 10 Application Security Risks

May 19, 2017 By Arden Rubens | The OWASP Top 10 Application Security Risks 2017 has just been released for public comment. The list takes a good look at the most critical application security risks facing organizations and developers today, with the big goal of raising awareness, upping the knowledge, and helping security teams and developers release secure applications.  Read More »
blog-dbir-2017

Takeaways from the Verizon 2017 Data Breach Investigation Report

May 15, 2017 By Arden Rubens | The annual Verizon Data Breach Investigations Report (DBIR) was released earlier this month to much anticipation, hitting a big milestone with its tenth-anniversary edition. And once again, it’s proving to be one of the most referenced data breach reports in the cyberworld and a must-read for industry leaders and security professionals across the globe.     For this year’s DBIR, data was collected from nearly 2,000 confirmed breaches and 42,000 security incidents from 20 different industries, spanning across 84 countries. Verizon security experts analyzed the submitted data and put together an extensive look at today’s cyber-universe.   Read More »
blog-wannacry-ransomware

WannaCry? Ransomware Is Everywhere

May 12, 2017 By Arden Rubens | A malicious software called ‘WanaCryptor’ hit the NHS this past Friday. The ransomware caused hospitals across England and Scotland to cancel operations, delay routine practices and divert ambulances, while patient records were made unavailable as infected computers were on lockdown until ransom was paid.   Other high profile targets included FedEx, Germany’s national railway, Telefónica along with many of Spain’s largest companies, and private and personal computers across the world. Once infecting the PC, the software locks up the data and the device, and holds it for ransom. Read More »

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Get a Checkmarx Free Demo Now

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.