Checkmarx Blog

HTML5 Security

All You Wanted To Know About HTML5 Security

With Google officially dropping Flash ad support in favor of HTML5, the security aspect of this relatively young programming and scripting language has become extremely crucial. Being a web-based application always invites cybercrime, which means that code integrity is very important. The following article will lay down the most important Application Program Interface (API) coding

Read More »

cybersecurity_organizations_resources

The Cybersecurity Organizations & Resources You Need to Know

No matter where you are on your journey in security, there is always room to keep learning. Especially in the security industry, it’s important to aim for a deep understanding of software and how applications interact on the web. In such a dynamic field, there’s no doubt the learning will never end.   Luckily for

Read More »

Secure Code Review

5 Best Practices for the Perfect Secure Code Review

You’ve worked hard to ensure that security tools and processes are integrated throughout development, and an application or update is days or possibly just hours away from release. Your app is ready to go, right? Wrong! You’ve got one more step in the security process before you can give the green light where security is concerned:

Read More »

OSI Model

Application Layer Security Within the OSI Model

With more and more high-profile hackings taking place in recent years, application security has become the call of the hour. But while the awareness is on the rise, not all security officers and developers know what exactly needs to be secured. One aspect that is often overlooked during development is application layer security. The following

Read More »

Checkmarx

Israeli IT Prodigies Visit Checkmarx HQ

Checkmarx is continuing its tradition of hosting the brightest programming and computing minds from Israel’s leading academic institutions. This year it was a group of young kids who are currently honing their skills at the Tel Aviv University (TAU). They are a part of a special program that will enable them to complete their college

Read More »

Ultimate Guide to CSRF

The Ultimate Guide to Understanding & Preventing CSRF

We hear about SQL injection and Cross-Site Scripting constantly – but there are eight other high-risk vulnerabilities we need to be aware of, just in the OWASP Top Ten. One of those eight is yet another one to keep your eyes out for: Cross-Site Request Forgery, normally shortened as CSRF or XSRF.     CSRF

Read More »

Smart City

Internet of Things (IoT) – Hack My Smart City

The modern metropolitan is becoming more and more computerized. Mega computers are running the show in more ways that can be comprehended – traffic signals, electricity networks, water supply pipes, public transport services and other civil utilities. While the Smart City concept is improving the standards of urban services, how safe really is it for us?

Read More »

All You Wanted To Know About Online Banking Security

Gone are the days when people frequented their banks to get their errands done. With more and more banking activities being performed online via web and mobile applications, the security risks are rising exponentially. But are banks and financial institutions doing enough to safeguard our privacy and financial assets? What are the risks and what

Read More »

Security Experts

Security Experts Speak: Biggest AppSec Priorities and Concerns in 2016

Each year opens a new Pandora’s Box for the security industry, with a slew of never-before-seen evil wonders that can throw anyone not prepared for a loop. That’s why risk management is so critical in our field – since we can’t know what’s to come, we need to prepare as best we can before that worst-case scenario

Read More »

What You Need To Know – Millions of eBay Users Exposed

Online e-commerce has become the rage. Millions of people worldwide are doing their shopping on the various online platforms. But even enormous e-commerce platforms like eBay are not immune to cybercrime, as security researcher MLT demonstrated recently. The culprit this time was Cross Site Scripting (XSS), a common application layer vulnerability that obviously was not detected/remediated during

Read More »

Jump to Category