Checkmarx Blog


5 Recommendations From Top CISO’s For A More Secure Future

Dec 12, 2013 By Sarah Vonnegut | 19 of the top CISOs and security executives from around the world came together to give their advice on what security teams should be focusing on in the New Year. This week, the Security for Business Innovation Council (SBIC) released an in-depth report expounding on the suggestions. The major industry thought leaders included FedEx CISO and VP of Information Security Denise D. Wood, Coca Cola’s CISO Renee Guttmann, and Intel Chief Security and Privacy Officer Malcolm Harkins, among other security big shots.

Stop the Neglect – Scan Your Source Code Before You Regret

Dec 11, 2013 By Sharon Solomon | Hacktivism, commercial malware and criminal exploitation have become the norm in today’s cyberspace. This worrying trend has magnified the need for a comprehensive testing solution that can be integrated into the SDLC. Enter Source Code Analysis (SCA).

Faux Google SSL Certificates Issued By Finance Ministry in France

Dec 10, 2013 By Sarah Vonnegut | Google spoke out this week after security engineers discovered fake SSL certificates linked to a French government agency earlier this month. On December 3rd, security engineers found that a government agency in France was using unauthorized digital certificates for various Google domains, including Gmail, which allowed the agency to act as a man-in-the-middle for private domains and sites it did not own.

UCSB Hosts International Hacking Contest – Students Lock Horns

Dec 09, 2013 By Sharon Solomon | UCSB hosted yet another mega-contest featuring the best hacking minds in the world. Pizza, coffee and laptops were found in abundance on the premises last weekend, as young minds from over 40 countries did battle for the bragging rights and a $1,024 bounty.

This Week In Application Security News: December 2 – 8

Dec 08, 2013 By Sarah Vonnegut | In this week’s news update, we’re all just tiny specks on the NSA’s enormous surveillance map, Obama can’t have an iPhone like his cooler daughters, the Brightest Flashlight app has a dark history of data stealing, and more.

Hacker’s Paradise – New Virus Transfers Stolen Data Using Inaudible Sounds

Dec 06, 2013 By Sharon Solomon | Air-Gap Jumping Communication. Networkless hacking. Sci-fi movie themes are now turning into reality. German researchers Michael Hanspach and Michael Goetz have created what can potentially become the driving force behind the next-gen malware. Security experts be warned – offline computing is not going to be safe for long. 

Free Wi-Fi Hotspots – A Risky Luxury

Dec 04, 2013 By Sharon Solomon | The wireless revolution has turned internet access into a basic necessity. Social media networking and entertainment on-the-go are in high demand. In this reality, Wi-Fi hotspots are seen as blessings, even when the signal is coming from an unknown source. But this is a huge security risk that people rarely take into consideration.

CISO’s: Pre-Planning Your Application Security Program

Dec 03, 2013 By Sarah Vonnegut | Application Security is never a ‘one-and-done’ deal. It is ongoing, ever-evolving, and its centrality in organizations is ever-growing. As technology’s scope and complexity increase, the emphasis on application security needs to grow as well; no matter which stage of the maturity model you are in, application security is a constant in your approach.

Istana Website Hacked; Singapore Cybercrime On The Rise

Dec 02, 2013 By Sharon Solomon | The list of hacked websites just keeps getting longer. The Istana website, official cyber-domain of Singapore’s Presidential Office, is the latest high-profile casualty. The Singaporean police have arrested two suspects, who have been charged under the Computer Misuse and Cybersecurity Act, punishable by up to five years in prison.
