As hackers start attacking our applications more and more, it is imperative that organizations begin treating security testing with the same enthusiasm they give to quality testing. Just like if there are major functionality issues or a feature isn’t working the product doesn’t ship – the same attitude needs to go for deploying with major
Tag: Application Security
You have finally decided to fight cybercrime and protect your application. Great. But picking correctly from the wide range of static code analysis tools available on today’s market has become a challenging task. Besides being ineffective in locating application layer vulnerabilities, picking the wrong solution can lead to developer disengagement, which is the worst thing that can happen to
With Google officially dropping Flash ad support in favor of HTML5, the security aspect of this relatively young programming and scripting language has become extremely crucial. Being a web-based application always invites cybercrime, which means that code integrity is very important. The following article will lay down the most important Application Program Interface (API) coding
With more and more high-profile hackings taking place in recent years, application security has become the call of the hour. But while the awareness is on the rise, not all security officers and developers know what exactly needs to be secured. One aspect that is often overlooked during development is application layer security. The following
Checkmarx is continuing its tradition of hosting the brightest programming and computing minds from Israel’s leading academic institutions. This year it was a group of young kids who are currently honing their skills at the Tel Aviv University (TAU). They are a part of a special program that will enable them to complete their college
The modern metropolitan is becoming more and more computerized. Mega computers are running the show in more ways that can be comprehended – traffic signals, electricity networks, water supply pipes, public transport services and other civil utilities. While the Smart City concept is improving the standards of urban services, how safe really is it for us?
Gone are the days when people frequented their banks to get their errands done. With more and more banking activities being performed online via web and mobile applications, the security risks are rising exponentially. But are banks and financial institutions doing enough to safeguard our privacy and financial assets? What are the risks and what
Online e-commerce has become the rage. Millions of people worldwide are doing their shopping on the various online platforms. But even enormous e-commerce platforms like eBay are not immune to cybercrime, as security researcher MLT demonstrated recently. The culprit this time was Cross Site Scripting (XSS), a common application layer vulnerability that obviously was not detected/remediated during
The IT industry is constantly evolving, with more and more organizations ditching the old Sequential Design Process (Waterfall). Agile Software Development (ASD), an iterative methodology based on collaboration between various cross-functional and self-organizing teams, is becoming the go-to tactic for many organizations across the globe. But Agile software development also requires proper security implementation for optimal results.
The Buffer Overflow vulnerability has been around for almost 3 decades and it’s still going strong. Hackers all around the world continue to name it as their default tactic due to the huge number of susceptible web applications. But what steps are organizations (devs) taking to combat this vulnerability? What role does secure coding play in eliminating this threat? This article