Tag : Application Security

What’s Hot in Application Security Vol #11

May 09, 2012 By Administrator | Is fear in the Cloud misplaced?
Who’s afraid of the big bad cloud? Everyone apparently! Corporations, Public Companies; the list is endless. Cloud Security is synonymous with problems. When we consider Cloud Security we think about application security and guarding sensitive data. Cloud Security has been one of the things on the front of the minds of IT directors for years as they ponder; how do we migrate data out of the corporate data centers to the cloud?

</Read More>

What’s HOT in Application Security Vol#10

Apr 30, 2012 By Administrator | What’s Wrong with the Public Sector?
They’re failing OWASP Top 10!  
OWAP Top 10- the bible of web applicaiton vulnerabilties, the benchmark vulnerabilities by which most organizations should by going by; who’s their worst pupil? The Public Sector.

</Read More>

Whats HOT in Application Security Vol #9

Apr 24, 2012 By Administrator | Lady Gaga keeps her poker face in light of SQL Injection!
Lady Gaga’s website had a ‘Bad Romance’ with an SQL Injection attack, revealing the personal details of thousands of fans! The hack was reported more than six months ago and was committed by a group of hackers going under the pseudoname ‘SwagSec’. Even though the hackers never actually published the personal information of the fans, it is a major embarrassment for Lady Gaga’s team.

</Read More>

What’s HOT in Application Security Vol #8

Apr 16, 2012 By Administrator | Would you Trade your freedom for Application Security?
OWASP’s Dan Greer recently gave the keynote speech at the “Application Security Matters’ conference where he delved into the problems and issues arising from the inconsistencies in application security. There are many things which contribute to lousy application security- not taking the necessary steps to protect your code, protect your data and poorly written and bloated code. What can one do about it?

</Read More>

What’s HOT in Application Security Vol#7

Apr 11, 2012 By Administrator | SQL Injection- the Number One Security Concern
Cybercriminals are using SQL injection to attack both websites and internal databases. Why are they doing this? The answer is simple- to seek sensitive data which could be used for black market activities or even identity theft. Most public websites don’t even fully understand how totally ‘at risk’ their websites are.

</Read More>

Webinar Recording: The Business Value of Partial Code Scanning

Mar 29, 2012 By Administrator | We are pleased to present you with the recording of the latest webinar that was held on the 22nd of March. The webinar was presented by: Kevin Beaver of Principle Logic (http://www.principlelogic.com/)
Maty Siman – Foudner & CTO of Checkmarx (https://www.checkmarx.com)

</Read More>

Top 5 Cyber Threats to Businesses

Mar 28, 2012 By Administrator | According to FBI Director Robert Mueller, cyber-crime is on track to
surpass terrorism as the most serious security threat in the United States. Businesses in particular face an increasing risk of exposing themselves to cyber-attacks. Here is a list of the top five cyber threats that threaten businesses today.

</Read More>

What’s HOT in Application Security Vol#6

Mar 26, 2012 By Administrator | Application Security- Not Sufficient!
A study was recently conducted among 800 It executives which found that there is a huge difference between the perception of Security from the viewpoint of the developer and security professionals. Security professionals view the applications in a far more optimistic light- stating that they are secure enough, whilst developers say that their applications run in their enterprise are no way near secure enough.

</Read More>

Security Digest March 15 – March 18 – 3 vulnerabilities

Mar 18, 2012 By Administrator | What a busy week it was. Endless critical vulnerabilities were found in major platforms. I decided to focus on three of them 1) (CRITICAL) RDP Remote code execution – you server allows incoming RDP (Terminal Server)? The most probably people can gain admin access without having a valid name and password:

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.