Forrester Report: Why to automate AppSec now.

Tag: Application Security Vulnerabilities

Privilege Escalation on Meetup.com Enabled Redirection of Payments

The Checkmarx Security Research Team recently audited the security of several high-profile websites, including Meetup.com. For those who are not familiar with Meetup.com, it allows users to create an event where people with similar interests gather. Events can be in person, and in light of the ongoing pandemic, many of them have moved to virtual

Read More ›

On the Road to DevSecOps: Securing the Software Driving Mobility

The automotive industry is experiencing radical change—and software is the catalyst. Progressively more software, increasingly intelligent components, and new methods of interaction are finding their way into automobiles of all sizes and price. Software empowering the latest features has become a critical differentiator in this industry, beyond improving road safety, convenience, and fuel efficiency for

Read More ›

On the Road to DevSecOps: Top Three Benefits of CxFlow

Most organizations who are in the process of transitioning to DevOps understand that this new software development methodology is really about a change of corporate mindset, improvements to internal practices, and the usage of development tools that increase an organization’s ability to deliver software at higher rates. DevOps enables organizations to provide timely software solutions

Read More ›

Mutation Cross-Site Scripting (mXSS) Vulnerabilities Discovered in Mozilla-Bleach

As part of the beta testing phase that took place earlier this year for our recently launched Software Composition Analysis solution, CxSCA, the Checkmarx Security Research Team investigated Mozilla-Bleach, finding multiple concerning security vulnerabilities. Patches were released in mid-March 2020, with Checkmarx CxSCA customers using Bleach receiving notice of the issues in advance. Given that

Read More ›

The Road to DevSecOps: Addressing the Challenges of AppSec Awareness

Recently, I had an opportunity to sit down with Kurt Risley and ask him about his experiences and observations when working with organizations who desire to develop a comprehensive AppSec Awareness Program. The Q&A is as follows: Stephen: Since our world relies heavily on software, today more than ever before, software must equal security. In

Read More ›

Jump to Category