Checkmarx Blog


Cyber Threats Facing APAC – Applications

Feb 13, 2017 By Arden Rubens | New and improved fast-paced technologies are offering us exciting ways to live, are helping us at work, and continue pushing the boundaries of innovation and efficiency. However, along with all of the good comes the bad – the raised risk and exposure to security threats. In part one and part two of our three-part series on cyber threats facing the Asia Pacific (APAC) region, we established that APAC has the worst record in terms of cyber security, with its countries some of the most vulnerable in the world and the discovery of breaches taking over three times longer than the global average.

Speed up and Save: The ROI of Shifting Security Left [VIDEO]

Feb 09, 2017 By Paul Curran | A key differentiator for application security testing solutions (AST) is the ROI that each method brings to the organization. How much time can be saved? How much money can your organization save during remediation? When vulnerabilities make it past the development stage and onto production, how many different departments need to be involved in remediation efforts? These are all questions that need to be considered when deciding which security solution brings the most value to your organization. AST ROI can be measured in terms of cost of company resources in dollars, personnel and time needed to remediate detected vulnerabilities.

January 2017: Top Hacks and Breaches [INFOGRAPHIC]

Feb 08, 2017 By Arden Rubens | The new year started with a whole new collection of hacks and security breaches. On the 4th of January, the known hacker CyberZeist claimed to have hacked the FBI’s website and proved it by leaking personal account information of several FBI agents. The hack was carried out by exploiting a zero-day vulnerability in the Plone CMS, according to a report by Hacker News. Since then, Plone has denied that there was a zero-day vulnerability, yet released a security update on the 17th of January to “patch various vulnerabilities”.

A First Timer’s Guide to the RSA USA Conference: 2017 Edition

Feb 07, 2017 By Sarah Vonnegut | Each February, the security world comes together in the techiest city in the world for a packed week of seminars, keynotes, checking out the latest and greatest security technologies, and of course, lots of parties. If you’ve never been to the RSA Conference and are planning on going in just a few short weeks – you’re in for a wild ride!

DevOps & The Secure SDLC: Breaking Down Barriers with DevSecOps

Feb 02, 2017 By Sarah Vonnegut | The adoption of DevOps in enterprises around the world has created a whole new meaning to constant, rapid innovation and delivery. Iteration after iteration, DevOps is designed to improve the end product endlessly, pushing the limits of speed and collaboration.

Cybersecurity in 2017: Interview with OWASP Author Jim Manico

Jan 29, 2017 By Paul Curran | As the software world still reels from the major hacks and breaches that occurred, and surfaced, in 2016, it’s critical that organizations ensure that their code security gets the attention that it deserves in 2017, and beyond. In order to gain some quick insight into the application security landscape for 2017, we conducted a short interview with Jim Manico.

8 Chrome Extensions Every Security Pro Needs

Jan 25, 2017 By Arden Rubens | Google Chrome is the most popular web browser, and it comes with a large library of Chrome extensions with the aim of helping you customize your browsing experience. And with so many options, it can be hard to find the extensions which are right for you. Therefore, we put together this list featuring the top Chrome extensions every security professional needs.

The Season of Retail Hacks

Jan 15, 2017 By Arden Rubens | Vera Bradley, a fashion retail brand, is one of the many recent cybercrime victims. This luggage and handbag design company revealed that earlier this year, payment systems at multiple locations were hacked, and that an unknown number of personal payment cards used by customers may have been compromised. With this hack, Vera Bradley joined the large group of retail companies targeted and then successfully attacked by hackers. The group of victim companies includes many heavy hitters such as Target, Home Depot, and Neiman Marcus.

General Data Protection Regulation: A Short Guide to Data Security in the GDPR

Jan 09, 2017 By Sarah Vonnegut | A new wave of privacy and security reform is about to sweep through Europe – and it affects most of the world, as well. After years of back-and-forth and heated discussions about the current state of data security, the European Union has adopted a new data protection framework, called the General Data Protection Regulation, or GDPR. This Regulation is a totally new legal framework for how personal data is used and processed, and applies well beyond the borders of Europe.

MISRA C: Security Compliance from the Streets to the Skies

Jan 08, 2017 By Paul Curran | The Motor Industry Software Reliability Association (MISRA) is an organization whose mandate is “to provide assistance to the automotive industry in the application and creation within vehicle systems of safe and reliable software.” MISRA’s steering committee is made up of a mixture of automotive manufacturers, such as Ford and Jaguar, component suppliers, as well as The University of Leeds. While MISRA is commonly known for its safety and security standards for the automotive industry, this organization produces comprehensive software guidelines which aim to standardize code safety, security and reliability in software used in a variety of sectors.
