Checkmarx Blog

How Secure Are Your Open Source Components?

For organizations around the world, open source code has allowed faster time to market, decreased the workload for developers and lowered costs for the organization. The ability for great minds from around the world to come together on a piece of code has given us Linux, Mozilla Firefox, WordPress, and hundreds of thousands of other


Application Security Knowledge

10 Easy Ways to Increase Your Application Security Knowledge

If you’re new to the world of security, in whatever capacity, gaining a good understanding of AppSec can seem daunting and distant – but don’t fear. Becoming more application security aware doesn’t have to be hard or time-consuming. It can be as easy as taking a few minutes out of every day to advance your


IoT

Internet of Things (IoT) – Hack My Army

It’s now common knowledge that the Internet of Things (IoT) revolution has infiltrated our homes, cars and offices. But even defense forces are going online, with more and more weaponry being operated remotely with the help of dedicated applications. Unfortunately, this has provided politically and criminally motivated hackers with new targets to manipulate. Is the modern army really prepared


RSA Conference 2016: AppSec Track Impressions

2 weeks ago I attended RSA Conference 2016 in San Francisco. I had the chance to attend multiple talks in the AppSec track and listen to what the other vendors, thought-leaders and experts had to say. In a nutshell, all talks and discussions revolved around how to get the developers engaged with the security process.


When Booking Your Flight Becomes Dangerous

Flying is a pain. Booking flights can be just as annoying. But, as one of Checkmarx’s own recently discovered, booking your flight can also be dangerous. David Sopas, a Portuguese security researcher at Checkmarx who hunts bugs on the side, found a common, highly disruptive security vulnerability on one of the largest airlines in the


Application Security Vulnerabilities

Understanding Application Security Vulnerabilities: Part One

As hackers start attacking our applications more and more, it is imperative that organizations begin treating security testing with the same enthusiasm they give to quality testing. Just like if there are major functionality issues or a feature isn’t working the product doesn’t ship – the same attitude needs to go for deploying with major


Code Analysis Tools

Static Code Analysis Tools – The AppSec Checklist

You have finally decided to fight cybercrime and protect your application. Great. But picking correctly from the wide range of static code analysis tools available on today’s market has become a challenging task. Besides being ineffective in locating application layer vulnerabilities, picking the wrong solution can lead to developer disengagement, which is the worst thing that can happen to


Security Testing in the SDLC: A Beginner’s Guide

As requirements for faster release cycles and applications packed with more features than ever keep organizations rushing to production, we can’t afford to skip a beat when it comes to security. Developers with all stages of security know-how are being hired, and right beside giving developers a thorough education in secure coding is ensuring the


Software Security Assurance: 4 Secrets to Unleashing the Power of Your Program

The software and web applications we design, develop and deploy in our organizations are a major resource in and of themselves, without even considering the critical data they may hold. Building secure software should be an essential part of any organization, and yet software security assurance still lags depressingly behind quality assurance in the vast


HTML5 Security

All You Wanted To Know About HTML5 Security

With Google officially dropping Flash ad support in favor of HTML5, the security aspect of this relatively young programming and scripting language has become extremely crucial. Being a web-based application always invites cybercrime, which means that code integrity is very important. The following article will lay down the most important Application Program Interface (API) coding

