Checkmarx Blog

iStock_000025490533Small-300x300

This Week In Application Security News: Nov. 25 – Dec. 1

Dec 01, 2013 By Sarah Vonnegut | Winner of the ‘Worst Week’ award goes to James Howells, who this week realized he threw away a hard drive with 7,500 Bitcoins worth over $7.5 million in current BTC value. Read about his million dollar fumble, the still-unfolding Vodafone breach, new NSA snooping and more in this week’s edition of The Week in AppSec.
Read More »
iStock_000025113752XSmall-225x300

Top-10 Essential Challenges of Mobile Security

Nov 29, 2013 By Sharon Solomon | Mobile Security has become a crucial aspect of protecting sensitive data and information. Malicious attacks once focused on PC’s have now shifted to mobile phones and applications. Mobile makers are aware of this fact and are investing heavily in security.
Read More »
iStock_000024004809Small-300x300

2,000+ Websites Vulnerable With Ruby on Rails Flaw

Nov 28, 2013 By Sarah Vonnegut | A new exploit, discovered by a white-hat hacker, puts users of over 2,000 Websites in danger of attack. Older versions of Ruby on Rails, a popular open source Web app, employ a defective session management system that could affect the users on the thousands of sites that use it. G.S. McNamara, a security researcher based in D.C., first found the vulnerability issue back in September. The exploit is an Insufficient Session Expiration weakness, and McNamara says it’s fairly common. It’s especially dangerous for shared computers with lots of daily user turnover, such as in libraries or internet cafes.
Read More »
iStock_000007816098Small-300x199

Cybersecurity Checklist For Holiday Shopping & Travel

Nov 27, 2013 By Sarah Vonnegut | For many in the U.S., the Thanksgiving weekend officially begins at the end of today’s work day and thus starts the beginning of the holiday season. This year there will already be enough pains to deal with: congested roads, packed stores and airports, not to mention messy weather. One headache you can avoid is Cybercrime, so take these fairly simple steps to keep yourself and your gadgets secure while traveling and shopping.
Read More »
Lock-200x300

NSA Malware Attacks Exposed; Over 50,000 Computers Hacked

Nov 26, 2013 By Sharon Solomon | Edward Snowden, the infamous ex-NSA employee, is still creating waves with his leaked documents. The latest evidence sheds light on the NSA’s hacking capabilities and the extent of the damage done. Tailored Access Operations (TAO), a special unit with a task-force of more than a thousand hackers, orchestrated the cyber-attacks.
Read More »
Webinar1-97x300

Checkmarx and Security Innovation present: Faster & Better Remediation [Webinar]

Nov 25, 2013 By Sharon Solomon | FASTER & BETTER REMEDIATION [Webinar]: WITH SECURITY INNOVATION’S TEAMMENTOR AND CHECKMARX’S CXSUITE. Click HERE to register.  Software security requires that software teams create secure code and validate that the resulting executables are not vulnerable. Static security analysis tools allow development teams to locate and mitigate security issues during the development process. In the meanwhile, security guidance reduces the number of security scan cycles that involve QA, Information Security or other teams.
Read More »
HTTPS-istock-300x199

This Week In Application Security News: November 18-24

Nov 24, 2013 By Sarah Vonnegut | Start your week on top of all the most recent application security news: Bug Bounties programs proved their real worth with a major find in Gmail, Cupid Media was shot with a hacked bow, Twitter stepped up their privacy plan, and more. We’ll get you up to speed on all of AppSec’s latest!
Read More »

Reviewing Scan Results in Checkmarx CxSuite [Video]

Nov 22, 2013 By Sarah Vonnegut | [slideshare id=28484935&doc=checkmarxresultsreview-131121105407-phpapp02-video] In this SlideShare video, we demo the process of reviewing the source code analysis and the steps you need to take in repairing the vulnerabilities. Explore how the CxSuite solution, using state of the art code flow visualization, discovers vulnerable locations and shows the points to best fix the issue and mitigate further risk.
  Related Resouces: A Picture Is Worth A Thousand LoC: Using Code Flow Visualization for Optimal Vulnerability Remediation
A Successful SAST Implementation [White Paper]
Read More »
Obamacare-300x300

Obamacare Website Compromised; Security Issues Surface

Nov 21, 2013 By Sharon Solomon | The Obamacare website has now joined the ever-growing list of compromised portals. Reports of bad user-experience and rumors of security breaches have been making the rounds for weeks, but the newly launched national healthcare website (healthcare.gov) has now apparently fallen prey to a typical Cross-Site Scripting attack. 
Read More »

Operation #AppSecTip 2014 Is Here!

Nov 20, 2013 By Sarah Vonnegut |
We’re excited to announce the launch of the Checkmarx AppSecTips survey!
From now until the end of the year, we invite all Application Security experts and enthusiasts to visit AppSecTips.com and add your professional advice and tips for handling application security. The winner of the top tip, announced on January 1st, will receive the year’s best tech gift: The AR Drone.
Read More »

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Get a Checkmarx Free Demo Now

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.