Checkmarx Blog

mobileblog3

The State of Mobile App Security

Nov 05, 2015 By Amit Ashbel | The mobile application industry is growing at an explosive pace, yet security issues of mobile applications are lagging behind. Incidents of mobile application hacking have increased exponentially as attackers and attacks have evolved, using both new and well-known methods of attack to infiltrate apps and collect the as much data as possible. The impact on businesses and end-users is exponentially growing. With more than 1.5 million apps available in the two main app stores, Apple and Android, and hundreds of billions of downloads to date, the mobile landscape has quickly become the main playground for hackers and attackers.
Read More »
Internet of Things (IoT) - Hack My Home

Internet of Things (IoT) – Hack My Home

Nov 02, 2015 By Sharon Solomon | Once a luxury reserved exclusively for the uber-technical or super-rich, the Internet of Things (IoT) phenomenon is invading our private dwellings at an astonishing pace. This revolution has basically connected all commonly used home appliances to the internet. Tech giants worldwide are investing a lot of resources in creating their own Internet of Things (IoT) eco-systems. Unfortunately a lot of this is happening in an unprotected manner, putting millions of people and homes at risk.
Read More »
Securing PhoneGap Apps

The Worst PhoneGap Security Issues And How To Avoid Them

Oct 23, 2015 By Sarah Vonnegut |   Mobile devices have exploded in our modern world. And with the explosion have come implications. Business can be conducted anywhere now, and high-value documents and data can easily be read and shared on the go. While this may be great for productivity levels and greater flexibility, security risks only seem to increase as more cell phones and tablets hit the marketplace.   The customers who use our mobile apps aren’t necessarily thinking about security as they use their phones to do any number of things – and it’s on us if our applications are hit by hackers. Each mobile operating system (OS) comes with its own security risks, and developing secure applications for different platforms, written (and secured) in the appropriate language for the platform, can get tricky.
Read More »
Web Browser Security

All You Wanted To Know About Web Browser Security

Oct 21, 2015 By Sharon Solomon | The web browser has come a long way since its invention in late 1990. Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Explorer/Edge have now taken the world by storm with their evolving user-friendly features. They have boosted productivity significantly thanks to their seamless integration with leading third-party applications and plug-ins. Unfortunately, web browser security is an aspect that is overlooked more often than not.
Read More »
Celebrating National Cyber Security Awareness Month

Celebrating National Cyber Security Awareness Month

Oct 12, 2015 By Sarah Vonnegut | If you’re in need of a great excuse to strengthen – or start – an application security awareness program for your developers, this month is it. October, as you may already know, is National Cyber Security Awareness Month (NCSAM), and hundreds of security-focused organizations, including us, have come together in support of a more secure future for all.   Checkmarx is excited to have partnered up with the National Cyber Security Alliance (NCSA) and the Department of Homeland Security in promoting security awareness, and this year our aim is to raise awareness for application developers. As part of our participation in this year’s Cyber Security Awareness initiative, we’ve launched a site, SecureDevKit.com, dedicated – in October and throughout the year – to teaching developers how to write better, more secure code.  
Read More »
Application Security Testing-

Application Security Testing: 7 Steps to a Recipe for Success

Sep 10, 2015 By Sarah Vonnegut | Security tools are becoming more and more popular throughout the world of tech, and for security enthusiasts, and it should be something to celebrate about. But, in reality, we still have a long way to go when it comes to the actual use of the tools.
We’ve known for years about the major gap between security and development, and we’re getting better. But while the proliferation of the DevOps movement has made organizations realize that security is essential to agile processes, we’re still missing a piece of the puzzle. Because while the purchase of security solutions might be increasing, developer use isn’t quite on par.
Read More »
Android Development

Top 5 Secure Android Development Tips

Sep 01, 2015 By Sharon Solomon | Over 50% of US smartphone users are now actively using Android devices and the security aspect of Google’s mobile platform is under constant scrutiny. With new vulnerabilities and hacking POCs making the news on almost a daily basis, safety concerns are rising. So what lies ahead for this customizable and user-friendly, albeit vulnerable, mobile operating system? How can secure Android development minimize the risks? Let’s find out.  
Read More »
Application Security

Eye Of The Hacker: Analyzing Today’s Top Application Security Solutions

Aug 20, 2015 By Sharon Solomon | Rafay Baloch takes no prisoners when it comes to exposing vulnerabilities. An ethical hacker since the young age of 14, Baloch is now known within InfoSec circles as a seasoned security expert. His ever-growing list of “victims” includes leading platforms such as Android, Google, PayPal and Nokia, with the former earning him worldwide acclaim.
Read More »
Best Practices for Mobile App Security

Mobile Application Security: 15 Best Practices for App Developers

Aug 19, 2015 By Sarah Vonnegut | In 2015, the mobile app is king. The applications we download on our mobile devices entertain us, keep us in touch with our loved ones, show us who’s single nearby, share anything we want about our lives with the world – and so much more. And thousands of new applications are added to the marketplace. Every single day.   There’s a 1991 ad from Radio Shack depicting “great prices” for all the things we now use our cell phones for. ‘High-tech’ devices like s VHS camcorder, a discman, a tape recorder are proudly displayed – all technologies made pretty much obsolete with a variety of handy applications on our much more compact and relatively cheap mobiles.  
Read More »
SAST vs IAST

SAST vs IAST – Which AppSec Solution Is Right For You?

Aug 13, 2015 By Sharon Solomon | With cybercrime escalating worldwide, application security has become a big challenge for organizations and governments. Penetration (Pen) Testing and Dynamic Application Security Testing (DAST) are capable solutions, but have their fair share of inherited deficiencies. Interactive Application Security Testing (IAST), an upcoming security methodology, is being increasingly compared with Static Application Security Testing (SAST). This article will take a closer look at these two security solutions and compare their functionality.  
Read More »

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Get a Checkmarx Free Demo Now

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.