Tag : Application Security

Online Banking Security

All You Wanted To Know About Online Banking Security

Jan 17, 2016 By Sharon Solomon | Gone are the days when people frequented their banks to get their errands done. With more and more banking activities being performed online via web and mobile applications, the security risks are rising exponentially. But are banks and financial institutions doing enough to safeguard our privacy and financial assets? What are the risks and what role do application developers play in providing online banking security? Let’s take a closer look.

</Read More>
eBay XSS Vulnerability

What You Need To Know – Millions of eBay Users Exposed

Jan 14, 2016 By Sharon Solomon | Online e-commerce has become the rage. Millions of people worldwide are doing their shopping on the various online platforms. But even enormous e-commerce platforms like eBay are not immune to cybercrime, as security researcher MLT demonstrated recently. The culprit this time was Cross Site Scripting (XSS), a common application layer vulnerability that obviously was not detected/remediated during development.

</Read More>
Agile Software Development

5 Benefits of Automated Security in Agile Software Development

Jan 06, 2016 By Sharon Solomon | The IT industry is constantly evolving, with more and more organizations ditching the old Sequential Design Process (Waterfall). Agile Software Development (ASD), an iterative methodology based on collaboration between various cross-functional and self-organizing teams, is becoming the go-to tactic for many organizations across the globe. But Agile software development also requires proper security implementation for optimal results. What is the best application security strategy for this popular methodology? Lets find out.

</Read More>
Buffer Overflow

Buffer Overflow: The Mother of All Vulnerabilities

Dec 28, 2015 By Sharon Solomon | The Buffer Overflow vulnerability has been around for almost 3 decades and it’s still going strong. Hackers all around the world continue to name it as their default tactic due to the huge number of susceptible web applications. But what steps are organizations (devs) taking to combat this vulnerability? What role does secure coding play in eliminating this threat? This article also includes an ethical hacker’s Buffer Overflow POC along with a brief Q&A.

</Read More>
Whatyouneed2know

What You Need to Know – Instagram Hacked

Dec 20, 2015 By Amit Ashbel | What was stolen?   An independent security researcher was able to hack Instagram servers and gain access to basically all of Instagram’s secret material.  Wesley Weinberg, was able to put his hands on everything from Instagram’s source code through credentials to email servers, SSL certificates and personal data of employees and users. As part of Facebook’s bounty program, Weinberg started analyzing the Instagram systems to quickly realize he had stumbled on something big.

</Read More>
IoT

Internet of Things (IoT): Hack My Hospital

Dec 16, 2015 By Sharon Solomon | Hospitals and medical clinics were once places where patients were sheltered from the outer world and had the privacy they required for recovering safely. But with the Internet of Things (IoT) revolution in full swing and online health monitoring devices in abundance, the risks involving data leakage and privacy violation are rising exponentially. How safe is today’s healthcare ecosystem? Not very much, as the following article will show you.

</Read More>
Mobile security press roundup-01

The State of Mobile Application Security Press Roundup

Nov 08, 2015 By admin | Think Apple apps are safer than Android? Think again Amanda Schupak, CBS News Apple has a good reputation for security. But a new report finds that its good reputation could be working against it. Software security testing company Checkmarx and mobile app experts at AppSec Labs looked at hundreds of apps for Android and iOS devices and found that each app had an average of nine vulnerabilities that could leave users open to data theft. Continue Reading Which is safer – iPhone or Android?  Gabriel Avner, Geektime A report that cybersecurity experts Checkmarx and AppSec Labs released today has found a set of critical flaws in how developers are writing code for mobile apps that could put a lot of people at risk. Over the course of the past year, these two companies carried out an audit of hundreds of mobile apps, testing them for vulnerabilities. Among those reviewed were banking apps and others containing essential personal information. Continue Reading

</Read More>
Application Security

Eye Of The Hacker: Analyzing Today’s Top Application Security Solutions

Aug 20, 2015 By Sharon Solomon | Rafay Baloch takes no prisoners when it comes to exposing vulnerabilities. An ethical hacker since the young age of 14, Baloch is now known within InfoSec circles as a seasoned security expert. His ever-growing list of “victims” includes leading platforms such as Android, Google, PayPal and Nokia, with the former earning him worldwide acclaim.

</Read More>
Best Practices for Mobile App Security

Mobile Application Security: 15 Best Practices for App Developers

Aug 19, 2015 By Sarah Vonnegut | In 2015, the mobile app is king. The applications we download on our mobile devices entertain us, keep us in touch with our loved ones, show us who’s single nearby, share anything we want about our lives with the world – and so much more. And thousands of new applications are added to the marketplace. Every single day.   There’s a 1991 ad from Radio Shack depicting “great prices” for all the things we now use our cell phones for. ‘High-tech’ devices like s VHS camcorder, a discman, a tape recorder are proudly displayed – all technologies made pretty much obsolete with a variety of handy applications on our much more compact and relatively cheap mobiles.  

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.