Tag : Application Security

blog-chrome-extensions

8 Chrome Extensions Every Security Pro Needs

Jan 25, 2017 By Arden Rubens | Google Chrome is the most popular web browser, and it comes with a large library of Chrome extensions with the aim of helping you customize your browsing experience. And with so many options, it can be hard to find the extensions which are right for you. Therefore we put together this list featuring the top Chrome extensions every security professional needs.

</Read More>
Cyber Threats Facing APAC

Cyber Threats Facing APAC – Government

Dec 27, 2016 By Arden Rubens |  
According to report by Deloitte, Singapore, Australia, Japan, New Zealand, and South Korea are the top five countries vulnerable to cyber attacks in APAC, with the stats showing them as nine times more vulnerable to cyber attacks relative to China and India. However, with the amplifying amount of cyber-attacks and a growing cyber-war in the region, organizations (primarily governmental) are waking up to the fact that they need a strong defence and means of protection against cyber security attacks.
 
Though, as the cyber security world is constantly evolving, many major government sites and databases are failing to keep up with the latest security trends and do not apply the proper protection to their assets; proving that, when breached, the damage can be colossal.

</Read More>
Tips to Secure SDLC

Quick Tips To Secure Your SDLC

Dec 22, 2016 By Arden Rubens | Applications have become as complex as ever, and with the constant evolution and advancement of applications, cyber threats have become of the biggest risks that organizations today face – and as most of the past cyber attacks on organizations teach us, those risks can be absolutely disastrous. Therefore, along with the increased business risks and concerns correlating with insecure software, the attention from organizations is significantly more focused on building securely.
 

</Read More>
hacks and breaches october 2016

The Biggest Hacks and Breaches of October 2016

Nov 23, 2016 By Arden Rubens | October proved to be a massive month for hacks and breaches. Hackers everywhere have been keeping busy, from a widespread cyberattack which took down major sites worldwide to the theft of over 3 million cash cards from several top Indian banks.
The US election, a proven hot topic in 2016, came with the Democratic National Committee (DNC) being hacked twice in a month, exposing thousands of emails. And over in Australia, the International Red Cross was hacked and files containing the personal details of blood donors were stolen. Check out the infographic below featuring some of October’s biggest breaches.

</Read More>
keys to avoiding data security breaches

Keys to Avoiding Data Security Breaches

Nov 17, 2016 By Arden Rubens | Data security breaches and exploits continuously make headlines as online organizations and applications are under constant attack by cyber criminals. The number of data breaches are increasing drastically year to year putting millions of people at risk of identity theft and fraud. A consequential data breach has the power to wreck company assets while taking down whole organizations by releasing sensitive data and embarrassing emails, so it only makes sense for an organization to take all necessary steps to protect its data. Data breaches can occur from a variety of different scenarios ranging from large scale cyber attacks and hacking techniques to malicious activity within a system as the result of a portable device, system outage or error, and poor or non-existent security policies. That being said, the most common cause of data security breaches is weak or stolen passwords. In fact, according to Verizon’s “2015 Data Breach Investigations Report”, a whopping 76% of network intrusions occurred as a result of weak credentials. Hackers crack passwords with the help of specific tools and techniques or by using malware or phishing attacks. Once the right password is in the wrong hands, it is game over for the company and the user alike.  Here are some keys to help you avoid data breaches.

</Read More>
threat modeling - The Ultimate Cheat Sheet

The Ultimate Cheat Sheet On Threat Modeling

Nov 08, 2016 By Arden Rubens | Security has become a major concern in recent years with hacks becoming bigger and risks becoming greater. Today’s software must be built with the ability to combat and cope with various malicious attacks, and yet, many software developers still might miss a crucial step while creating a secure SDLC (software development lifecycle) process. In order to ensure secure software development, alongside conducting risk management, one of the first steps in your SDLC should be Threat Modeling.

</Read More>
Information Security Jobs, Salaries and Opportunities

Information Security Jobs, Salaries and Opportunities for Developers Willing to Upgrade

Nov 03, 2016 By Paul Curran | Developers who choose to augment their coding knowledge with secure development skills will find themselves in the most in-demand career field as the massive growth in cyber attacks continues to force organizations, and governments, to strengthen their cyber war chests with more advanced tools, increased budgets and larger teams. Read on the learn about the information security jobs, salaries and opportunities for developers willing to upgrade their skills.

</Read More>
open source security with Rami Sass

Managing Open Source Security – Interview with Rami Sass

Oct 10, 2016 By Paul Curran | The second in our series of our 2016 National Cyber Security Awareness Month (NCSAM) interviews is with Rami Sass, co-founder and CEO at WhiteSource, the solution that helps engineering executives all over the world to effortlessly manage the use of open source components in their software.

</Read More>
APEX CODING LANGUAGE

ABC’s of Salesforce’s Apex Coding Language [Infographic]

Sep 14, 2016 By Paul Curran | With Salesforce’s giant annual conference, Dreamforce, fast approaching in early October, now’s the time to brush up on their proprietary programming language, Apex. As a strongly typed, object-oriented programming language, Apex allows developers to execute flow and transaction control statements on the Force.com platform server while performing calls to the Force.com API.

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.