Checkmarx Blog


What you need to know – Ashley Madison’s affair with cyber security

Jul 21, 2015 By Amit Ashbel | 37 million users have had their most sensitive details harvested in the latest Ashley Madison hack. A team named the “Impact team” claimed responsibility for the attack however there is no clear knowledge yet as to how the attack was performed. Some of the data was immediately published online by the hackers, however ALM (The Toronto based company which owns the website amongst other websites of similar nature) were able to take down the links/websites pointing to the stolen data.
Read More »
Untitled design (8)

5 Steps That WILL Raise Your Developers Information Security Awareness

Jul 17, 2015 By Sarah Vonnegut | In the same post where Bruce Schneier famously said that he personally believes “that training users in security is generally a waste of time, and that the money can be better spent elsewhere,” he added an important caveat about training developers. Developers, he wrote, “are people who can be taught expertise in a fast-changing environment, and this is a situation where raising the average behavior increases the security of the overall system.”
Read More »
Internet of Things

Internet of Things (IoT): Hack My Ride

Jul 15, 2015 By Sharon Solomon | Automobiles have come a long way since they were introduced to the masses at the beginning of the 20th century. Once measured by the roar of their engines and the comfort of their seats, today’s cars have metamorphosed into interactive computers on wheels. With the Internet of Things (IoT) phenomenon now taking the world by storm, a wide range of vulnerabilities are being exposed on today’s advanced automobiles. So what is the security situation right now and what can be done to ensure automotive safety going ahead?  
Read More »

Everybody needs security aware neighbours

Jul 07, 2015 By Amit Ashbel | YIT (Yedioth Information Technologies) is a leading IT company and software house, specializing in internet and mobile solutions. Established 15 years ago as the IT arm of Yedioth Aharonoth Group, in order to supply technology solutions to the entire Group, YIT extensive experience drove its expansion to deliver same expertise to various market leading customers.
Read More »
9 Essential Secure Coding Principles To (1)

9 Secure Coding Practices You Can’t Ignore

Jul 01, 2015 By Sarah Vonnegut | Writing secure code is no longer an option. With financially motivated crime at the top of the web app attack food chain, according to the latest Verizon Data Breach Investigation report, your organization will be hard-pressed to come out on top if you suffer a breach. In order to ensure our organizations and customers are secure, software developers must be able to create code that stands the test of time – only accomplished with proper techniques and a commitment to consistency throughout the organization.
Read More »

Checkmarx Receives $84 Million Investment From Insight Venture Partners to Further Accelerate Growth

Jun 25, 2015 By Sarah Vonnegut | Checkmarx, a global leader in software application security, today announced a $84M investment from New York-based venture capital and private equity firm, Insight Venture Partners. The new round of capital will be primarily used to further accelerate growth through product innovation and global expansion.
Read More »
phone with key on white background. Isolated 3D image

Mobile Security In Limbo With Coding Vulnerabilities Galore

Jun 24, 2015 By Sharon Solomon | It’s no secret is that the smartphone is the modern man’s best friend. Over 7 billion mobile devices are being used today all around the world and they are multiplying 5 times faster than human beings. With the astronomical amounts of private information being transferred worldwide, the need for strong mobile security has become paramount. Unfortunately, the news about new vulnerabilities and high-profile breaches are raining down on us.
Read More »

21 Awesome Talks and Resources on Security and DevOps

Jun 22, 2015 By Sarah Vonnegut | As we wrote about last week, the explosion of DevOps – with 88% of businesses saying they’ve adopted or will adopt DevOps within the next five years – has made it clear that we need to tightly integrate security in the fast-paced, iterative cultures that are DevOps organizations.   We can’t fight DevOps, if we ever did. DevOps is good all around when done right – and security plays a big part in helping DevOps organizations thrive. And luckily for you, lots of security and DevOps people already have experience in how to work in harmony together – and even better, they want to pass their knowledge along. There is some great watching and reading material to draw inspiration, ideas and advice from – so we gathered up 21 of the best talks and other resources we’ve seen to help you along the way.   
Read More »
Application Security Program Leader

8 Problems Every Application Security Program Leader Has To Tackle

Jun 17, 2015 By Sharon Solomon | Despite the astounding rise in cybercrime and hacking incidents worldwide, the modern Application Security Program Leader faces numerous bumps and obstacles on a daily basis within his organization. Application security has come a long way in the last decade, but the inherited limitations of the traditional solutions are not making life easy.
Read More »
Sign start on an empty road

Security and DevOps: How To Get Started

Jun 11, 2015 By Sarah Vonnegut | The Rise of DevOps
  The methods we use to develop software have gone through radical transformations over the last five years. ‘Slow and steady’ has evolved into quick and agile methodologies like DevOps.   Based on disrupting the silos between Developers and Operations, DevOps embraces the idea of a shared culture of trust, collaboration and automation. By creating cross-functional teams, organizations have reported numerous benefits, not least of which is from a major increase in communication and reliance between teams, which share responsibility for on-time deploys, uptime and downtime.   And it’s taking over the world.
Read More »

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Get a Checkmarx Free Demo Now

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.