Tag : Application Security Testing

Secure Software Development

Secure Software Development Tips – Interview with Josh Feinblum

Oct 25, 2016 By Paul Curran | The fourth, and final, interview in our 2016 National Cyber Security Awareness Month series is with Josh Feinblum, the VP of Information Security at Rapid7. In this series, we have gotten tips for accelerating application security with Dan Cornell of the Denim Group, received insights about managing open source security with Rami Sass of WhiteSource and learned about the importance of security awareness training with Checkmarx’s own founder and CTO Maty Siman.

</Read More>
devops + security-01

4 Keys To Integrating Security into DevOps

Jul 01, 2016 By Sarah Vonnegut | Faster, predictable releases, lower development costs, and a market constantly demanding new features and products have made the ecosystem ripe for the emergence of a new way of developing software. The development world responded to those demands, bringing the DevOps movement from unknown into the mainstream. Multiple releases a day would have been unheard of 10 to 15 years ago. Today it’s the norm.

</Read More>
Copy-of-Copy-of-versus

Great Ways to Get Management on Your Side with Application Security

May 23, 2016 By Kevin Beaver | When it comes to application security, I’ve yet to meet an IT or security professional who hasn’t struggled with getting – and keeping – management on board. The challenges of executive support for security initiatives know no boundaries. Getting management on your side with application security can be a constant battle, what can you do about it?

</Read More>
Security Experts

Security Experts Speak: Biggest AppSec Priorities and Concerns in 2016

Jan 15, 2016 By Sarah Vonnegut | Each year opens a new Pandora’s Box for the security industry, with a slew of never-before-seen evil wonders that can throw anyone not prepared for a loop. That’s why risk management is so critical in our field – since we can’t know what’s to come, we need to prepare as best we can before that worst-case scenario happens. If you’re not a security expert, though, it can be difficult to figure out where to spend your energy over the year in terms of securing your organization. 
To help give a bit of perspective to what top security experts are gearing up for this year, we asked eight of the world’s top security experts in various roles, including a pentester, several CISOs, a secure developer, a security engineer and an international speaker on security topics, to share their thoughts with us.  

</Read More>
Application Security Testing-

Application Security Testing: 7 Steps to a Recipe for Success

Sep 10, 2015 By Sarah Vonnegut | Security tools are becoming more and more popular throughout the world of tech, and for security enthusiasts, and it should be something to celebrate about. But, in reality, we still have a long way to go when it comes to the actual use of the tools.
We’ve known for years about the major gap between security and development, and we’re getting better. But while the proliferation of the DevOps movement has made organizations realize that security is essential to agile processes, we’re still missing a piece of the puzzle. Because while the purchase of security solutions might be increasing, developer use isn’t quite on par.

</Read More>
SAST vs IAST

SAST vs IAST – Which AppSec Solution Is Right For You?

Aug 13, 2015 By Sharon Solomon | With cybercrime escalating worldwide, application security has become a big challenge for organizations and governments. Penetration (Pen) Testing and Dynamic Application Security Testing (DAST) are capable solutions, but have their fair share of inherited deficiencies. Interactive Application Security Testing (IAST), an upcoming security methodology, is being increasingly compared with Static Application Security Testing (SAST). This article will take a closer look at these two security solutions and compare their functionality.  

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.