Checkmarx Named a Leader in The Forrester Wave: SAST

Tag: Application Security Testing

What is the ROI of Checkmarx Application Security Testing (AST)?

When it comes to IT security initiatives, many enterprises struggle to quantify business value and return on investment (ROI), often viewing their security spend solely as an insurance expense – a must-have in today’s world of compliance regulations and inevitable cyberattacks. But by implementing the right solutions, organizations can mitigate a multitude of security challenges

Read More ›

Preventing Developer Burnout in the Age of Rapid Software Delivery

“Burnout” happens across all jobs and industries, especially tech. However, developers have always been particularly at-risk of falling victim to burning out, and the COVID-19 pandemic, and the resulting digital shift driven by software, has only escalated this problem. Just look at the trends, as 38% of developers are releasing software monthly or faster, up

Read More ›

Application Security: Turbulence Often Leads to Transformation

Most security and risk (S&R) professionals in our industry have heard of Top 10 Lists. For example, OWASP and their community of contributors have expanded their Top 10 security projects to include Mobile Apps, APIs, IoT, Serverless, Containers, Blockchain, etc. In fact, there are a large number of OWASP Projects currently underway. Comparably, Forrester recently

Read More ›

On the Road to DevSecOps: Security and Privacy Controls per NIST SP 800-53

This past March, the National Institute of Standards and Technology (NIST) released the NIST Special Publication 800-53, Revision 5, which was their final public draft revision. According to the abstract, “This publication provides a catalog of security and privacy controls for federal information systems and organizations to protect organizational operations and assets, individuals, other organizations,

Read More ›

Integrating Checkmarx Security Results within GitLab

The automation and integration of Application Security Testing (AST) is essential for building out a true DevSecOps program. Automation is the easy part. Invoke a security scanners’ REST API or a command line interface inside a pipeline and you can get automated scans. The key, and more tricky part, is integration. What I mean by

Read More ›

Jump to Category