Checkmarx Blog


Valentine’s Day Hilarious Pickup Lines for Geeks

Feb 14, 2013 By carolineb | We couldn’t ignore these hilarious, geeky pickup lines we saw on mashable.com.
Happy Valentine’s day, Enjoy!
 

Security Corporations are going Bug-hunting

Feb 12, 2013 By carolineb | From an article published by John Leyden on theregister.co.uk: MITRE Corp, the organization which sets the industry standards for classifying security vulnerabilities, goes one step further in security. The corporation is now considering expanding the Common Vulnerabilities and Exposures (CVE) range in order to enhance the quality of security bug reports. Currently supporting up to 9,999 vulnerabilities, MITRE will be multiplying this figure by one hundred, extending this range up to 999,999!

[WEBINAR] – 10 Steps to agile development without compromising security

Jan 23, 2013 By Administrator | Checkmarx is excited to announce our next webinar session – 10 Steps to agile development without compromising security. The webinar focuses on a topic that is gaining a lot of traction within the developer community – securing an agile development environment and in particular continuous integration and continuous deployment. Integrating security into these rapid-paced environments requires a mind-shift from the traditional SDLC measures we’ve all grown to use. Many organizations are now struggling to add security into these new processes but are not sure how, and what are the best practices. We can all benefit from the experience of those who have already adopted and secured these processes.

[INFOGRAPHIC] Why ignoring information security is lethal

Jan 17, 2013 By carolineb | Making things Simple. to. understand.

What’s HOT in Application Security Vol #40

Jan 14, 2013 By asaphs | Shape Security: Getting Down to the Root of Hacking
When treating an illness, it is generally more effective to treat the source of the problem rather than the symptoms. Shape Security is trying to do the same in the field of website security. While all other products are geared towards a faster, cheaper, and better way of preventing and stopping attackers, Sumit Agarwal, co-founder and vice president of Shape, claims that they are “striking at the core mechanics of how those things work and making them harder to do in the future” by focusing on cutting-edge attackers and the crimeware ecosystem. Basically, it won’t be “offensive security” but defensive security, making it harder and more costly to do any damage.

How Collective Wisdom Enhances Application Security

Jan 14, 2013 By carolineb | One of the biggest challenges in today’s Application Security is how to map and overcome unexpected hacks as a result of lack of coverage in addition to well-defined hacks. How do we overcome this matter and improve the ability to fix our source code? The Checkmarx R&D team has initiated an unconventional and creative way to solve this problem. At the OWASP APAC 2013, we will present our research methodology and findings. In particular, we will show how to:

The Value of Secure Coding Procedures by Don Eijndhoven

Jan 08, 2013 By Administrator | An interesting post by Don Eijndhoven, CEO of Argent Consulting
I recently had a very interesting conversation with Dave Hyman, VP SaaS at Checkmarx, who asked me how I saw the future of cyber security (or information security, take your pick). Now, as I’m sure you’ll agree with me, that’s a fairly abstract question that can go a lot of ways. My friends will confirm that I enjoy waxing philosophical discussions like that, but given what Checkmarx does with a cloud-based solution for code security, that is the direction this talk went. And there really is a lot to say about secure coding practices that I feel isn’t quite getting the limelight it deserves. Any Information Security course or lesson in Security certification will stress that security should be part of the code design practice rather than being tacked on at a later stage; I couldn’t agree more. Unfortunately, security precautions made in the coding process, which turns a design into a working product, are often overlooked and that is a mistake.

Salesforce Enhanced Security with Checkmarx Solution

Dec 27, 2012 By carolineb | We simply love making things simple!
So here are some video screencasts introducing our new Checkmarx Salesforce online code scanner. Presenting our solution is Abhinav Gupta, Salesforce and Cloud Solution Architect.

Three compelling reasons to check your mobile app source code- by Kevin Beaver, CISSP

Dec 25, 2012 By carolineb | I’m going to put it to you straight: source code analysis is amazingly simple. Unlike penetration testing and complementary security checks, source code analysis has evolved into a literal point-and-click exercise. The hardest part is getting the source code analyzer software installed. Even that’s a non-issue with cloud-based source code analysis services.