Tag: Application Security

APEX CODING LANGUAGE

ABC’s of Salesforce’s Apex Coding Language [Infographic]

With Salesforce’s giant annual conference, Dreamforce, fast approaching in early October, now’s the time to brush up on their proprietary programming language, Apex. As a strongly typed, object-oriented programming language, Apex allows developers to execute flow and transaction control statements on the Force.com platform server while performing calls to the Force.com API.

Read More ›

Verizon 2016 Data Breach Investigation Report

Verizon 2016 Data Breach Investigation Report – Takeaways

For the ninth consecutive year, Verizon has published its annual Data Breach Investigations Report (DBIR). Read on to find out Checkmarx’s key takeaways from the Verizon 2016 Data Breach Investigations Report report. The 2016 Data Breach Investigations Report is based on a final dataset of 62,199 security incidents and 2,260 data breaches. These incidents affect

Read More ›

OpenSSL Vulnerabilities: Takeaways from the Latest Patch

The OpenSSL project this week released a series of patches to combat six vulnerabilities that have been discovered as of late, including two high-severity flaws that would give attackers the ability to decrypt HTTPS traffic, execute malicious code on vulnerable servers, and possibly even cause servers to crash. Ironically, one of the flaws was actually

Read More ›

Why SAST is Essential for a Security Vulnerability Assessment

Let’s start with this: the idea of a security vulnerability assessment is certainly not “breaking news”. For centuries, organizations have proactively scanned their physical security in search of real or potential weaknesses, and for decades they’ve shifted their skeptical gaze to IT systems and devices.   And while it’s true that some organizations are better

Read More ›

Everyone Talks About Phishing, But No One Blames XSS

Phishing. An ancient attack by internet standards, that both the general public and developers are aware of to different extents. Phishing relies on social engineering to allow hackers to gain access to sensitive data through fraudulent call-to-actions which mimic alerts from trusted brands and sources.  

Read More ›

Software Security Testing

Who Needs Software Security, Anyway?

In recent years, the advent of mobile and cloud computing revolution has brought to light a serious issue affecting both organizations and individuals: software security. Every day, there’s a new story we hear about some website or application being penetrated, releasing sensitive information that is sold, abused, and exploited. As a consequence, companies lose their credibility (along with

Read More ›

Static Analysis Tools: All You Need to Know

Application security is finally beginning to hit the mainstream, and organizations are beginning to see the benefit and need of securing their applications, both internal and external. With so many facets to AppSec, it can be hard to know where to start, especially when trying to build a program from scratch.

Read More ›

Another Android Stagefright Vulnerability is Exposed

In mid March, the advanced software researchers at NorthBit released a video and detailed research PDF demonstrating proof of concept of a notorious exploit that can essentially offer hackers control over device hardware and data of certain Android phones. This latest exploit of Android’s Stagefright is referred to as “Metaphor.”

Read More ›

Jump to Category