Tag : AppSec Program

Security Experts Speak: Biggest AppSec Priorities and Concerns in 2016

Jan 15, 2016 By Sarah Vonnegut | Each year opens a new Pandora’s Box for the security industry, with a slew of never-before-seen evil wonders that can throw anyone who isn’t prepared for a loop. That’s why risk management is so critical in our field: since we can’t know what’s to come, we need to prepare as best we can before that worst-case scenario happens. If you’re not a security expert, though, it can be difficult to figure out where to spend your energy over the year in terms of securing your organization.
To give a bit of perspective on what top security experts are gearing up for this year, we asked eight of the world’s top security experts in various roles, including a pentester, several CISOs, a secure developer, a security engineer and an international speaker on security topics, to share their thoughts with us.

The Ten Commandments of Proactive Application Security

May 29, 2015 By Sarah Vonnegut | When you’re constantly reacting to suspicious alerts and fixing vulnerabilities only after they’ve been exploited, you’re missing the point of application security. Application security, according to Wikipedia, “encompasses the measures taken throughout the code’s life-cycle to prevent gaps in the security policy of an application or the underlying vulnerabilities… of the application.” The practice of application security, at its core, exists solely to protect the data of an organization’s applications and, more importantly, the organization itself.

6 Tips for Ensuring Your Application Security Program Isn’t a Flop

May 08, 2015 By Sarah Vonnegut | Baking security into our applications is no longer just an option. The explosion in the number of applications within organizations, coupled with the constant breaches we hear about (and the many more we don’t), doesn’t allow room for complacency when it comes to securing your organization and customer data. Yet CISOs and security managers still struggle to receive support and buy-in for basic application security practices, while developers are still making careless security mistakes, all because application security is still not being taken seriously enough. One of the best ways of getting the organization’s support for AppSec is coming to the board with a clear, measurable program in place. And even with an AppSec program in place, it’s difficult to know if you’re “doing it right.” Here we offer six points of attention that any security practitioner either implementing or designing an application security program should heed.
