Checkmarx Launches Infrastructure as Code Scanning Solution to Secure Cloud-Native Applications: KICS

Tag: Application Security Awareness

Breaking Down the OWASP API Security Top 10 (Part 2)

Due to the widespread usage of APIs, and the fact that attackers realize APIs are a new attack frontier, the OWASP API Security Top 10 Project was launched. From the beginning, the project was designed to help organizations, developers, and application security teams become increasingly aware of the risks associated with APIs. This past December,

Read More ›

2019 – Checkmarx Research Roundup

Discovering vulnerabilities like the ones mentioned below is why the Checkmarx Security Research team performs investigations. This type of research activity is part of their ongoing efforts to drive the necessary changes in software security practices among vendors that manufacture consumer-based technologies, while bringing more security awareness amid the consumers who purchase and use them.

Read More ›

Twas the Night of the Go-Live

Twas the night of the Go-Live, and all through the team, We were nervous as ever, at least it would seem. We thought we had done, everything that was right, We were hoping it’s quick, then we’d call it a night.   We had the right tools, at least we thought so, We fired up

Read More ›

Raising Your Software Security Programs to the “STAR” Level

In sporting events, movies, and TV entertainment, we often have STAR athletes and STAR actors/actresses. When going to school, most students strive for an A* (STAR) grade on their assignments, tests, and assessments. In this same context, is there a way for organizations to achieve something similar concerning their software security programs? At Checkmarx, we

Read More ›

Injection Vulnerabilities – 20 Years and Counting

Injection vulnerabilities are one of the oldest exploitable software defects, which unfortunately are still prevalent today. Doing a simple search on cve.mitre.org com for the term injection returns with over 10,852 injection-related vulnerabilities in commercial and open source software since the year 2000, and the number of injection vulnerabilities continues to grow daily. The earliest

Read More ›

Jump to Category