Checkmarx Blog

Common Oversights in Mobile App Security

Mobile apps arguably have the greatest number of security flaws of any enterprise system – and no one seems to know much about them. Mobile app security flaws are numerous across all types of business apps. But why? Perhaps it’s the mentality that “it’s just an app” or the reality that many business owners,

The 13 Most Helpful Pentesting Resources

Penetration testing, more commonly called pentesting, is the practice of finding holes that could be exploited in an application, network or system with the goal of detecting security vulnerabilities that a hacker could use against it. Pentesting is used to detect three things: how the system reacts to an attack, which weak spots exist that

Secure JavaScript Applications

The Only Way to Build Effective and Secure JavaScript Applications

JavaScript is everywhere. It runs on your smartphone, personal computer and even on your server. That much power comes with a lot of responsibility. Keeping JavaScript code clean and secure is the only responsible way to write JavaScript. Given the vast proliferation of JavaScript, there is a myriad of ways to write poor code as everyday hackers target

Malicious Mobile Apps and Pokemon GO Hacks: A Brief History + Infographic

The Pokemon GO craze has blown up since it was released on July 6th, with the number of daily users topping Tinder, Snapchat, Instagram and Facebook. Video after video depicts people you never thought would be into Pokemon roaming around public parks and stores with their phone in their hand, on the hunt for Jigglypuffs

The Biggest Breaches and Hacks of June 2016 Infographic

Each month, we hear about a whole new cascade of security breaches, each of which brings to mind the saying that the definition of insanity is doing the same thing over and over and expecting different results. June was no different. Starting the month off was a massive MySpace hack that could end up being the biggest breach

4 Keys To Integrating Security into DevOps

Faster, predictable releases, lower development costs, and a market constantly demanding new features and products have made the ecosystem ripe for the emergence of a new way of developing software. The development world responded to those demands, bringing the DevOps movement from unknown into the mainstream. Multiple releases a day would have been unheard of

What is Static Code Review?

Static code review, as a phrase, is actually a bit misleading. Static code review refers to two divergent methods of security testing: static code analysis and code review. These methods check code for flaws, security issues and quality concerns that, when combined, help developers ensure that their code is not only free from potential exploits

The Importance of Database Security and Integrity

Databases often hold the backbone of an organization: its transactions, customers, employee info, financial data for both the company and its customers, and much more are all held in databases, often left to the power of a database administrator with no security training. Database security and integrity are essential aspects of an organization’s security posture.
