Checkmarx Blog

Federal Forecast: Cyber Security in 2017

As America still reels from the damage created after the giant Office of Personnel Management (OPM) hack, it’s time to wonder what 2017 has in store for American federal cyber security. It’s not even over yet, and 2016 has been a big year not only for major breaches targeting federal agencies, but also for some


All About Encryption: Security, News and a Brief History

WhatsApp recently made global headlines with the news that all forms of communication sent through the app feature end-to-end encryption. This additional layer of security meant that all messages and files would be secured from falling into the wrong hands, but what is needed to properly encrypt data and what happens when sensitive data


Major Hacks and Breaches for July 2016 [INFOGRAPHIC]

Summer 2016 continues to heat up with hacks, breaches and discoveries of major vulnerabilities. From automotive to the internet of things (IoT) and from Vietnamese airports to Taiwanese ATMs, July was a big month for cyber security news. Both Fiat Chrysler and BMW feature in this month’s infographic, although for different reasons as Fiat Chrysler took the


Hybrid versus Native Mobile App Development: Methodologies, Risks and Tools

As our focus changes from content on the web to content on mobile, our mobile devices play an increasingly vital role in the way we communicate, consume content, conduct business and more. For organizations and businesses in every vertical, mobile applications are no longer an option, but a requirement in order to stay ahead of



The Need for HIPAA Compliance in the Crowded Mobile Health Space

As the mHealth (mobile health) vertical continues to expand from healthcare apps to fitness trackers, and from doctor appointment scheduling helpers to peer support communities, the control and privacy that end users have over their personal health records is being increasingly jeopardized. New applications and digital health resources keep emerging which make it unclear whether


PCI Compliance for Version 3.2: FAQs and To-do’s

As families all across America dress up and trickle into the streets for trick-or-treating on October 31st, 2016, there is one more ghost that will be vanishing into the chilly, autumn air at midnight: PCI DSS version 3.1. Since the introduction of PCI DSS 3.2 in April 2016, organizations have been working hard to ensure that they’re compliant


Common Oversights in Mobile App Security

Mobile apps arguably have the greatest number of security flaws of any enterprise system – and no one seems to know much about them. Mobile app security flaws are numerous across all types of business apps. But why? Perhaps it’s the mentality that “it’s just an app” or the reality that many business owners,


The 13 Most Helpful Pentesting Resources

Penetration testing, more commonly called pentesting, is the practice of finding holes that could be exploited in an application, network or system with the goal of detecting security vulnerabilities that a hacker could use against it. Pentesting is used to detect three things: how the system reacts to an attack, which weak spots exist that


The Only Way to Build Effective and Secure JavaScript Applications

JavaScript is everywhere. It runs on your smartphone, personal computer and even on your server. That much power comes with a lot of responsibility. Keeping JavaScript code clean and secure is the only responsible way to write JavaScript. Given the vast proliferation of JavaScript, there is a myriad of ways to write poor code as everyday hackers target
