Tag : DevSecOps

blog-why-your-enterprise-needs-devops

Why Your Enterprise Needs DevOps

Jun 12, 2017 By Sarah Vonnegut | The buzzword of the decade is far from just a trend as organizations struggle to keep up with competition. There’s a reason DevOps is so often discussed and highly regarded. As organization after organization makes the switch and reaps the rewards offered by the DevOps culture, it’s time for all those who could enjoy DevOps to at least try it out. By improving software development at every stage, successful organizations have found, they can also improve on quality, stability, and business benefits. Curious? Let’s find out why your enterprise needs DevOps.
</Read More>
blog-2017-devops-accounts-1

DevOps and Security Experts You Should Be Following on Twitter in 2017

Feb 23, 2017 By Arden Rubens | Twitter is an amazing wealth of ideas, opinions, and other resources. But with well over 300M users active on a monthly basis, Twitter can also be hard to navigate. There are so many people to follow and so little time to find the right ones.   When it comes to DevOps and Security, there are lots of great thinkers on the front lines of the union – and luckily for us, many are on Twitter. Whether you’re just starting out or are looking for new ways to integrate security within DevOps (and vice versa), Twitter is a great place to seek out info and be a part of the discussions.  
</Read More>
DevSecOps

DevOps & The Secure SDLC: Breaking Down Barriers with DevSecOps

Feb 02, 2017 By Sarah Vonnegut | The adoption of DevOps in enterprises around the world has created a whole new meaning to constant, rapid innovation and delivery. Iteration after iteration, DevOps is designed to improve the end product endlessly, pushing the limits of speed and collaboration.
</Read More>
Blog Headers (5)

RSA Conference 2016: AppSec Track Impressions

Mar 13, 2016 By Amit Ashbel | 2 weeks ago I attended RSA Conference 2016 in San Francisco. I had the chance to attend multiple talks in the AppSec track and listen to what the other vendors, thought-leaders and experts had to say. In a nutshell, all talks and discussions revolved around how to get the developers engaged with the security process. Buy them in, get their participation and educate them. I couldn’t help thinking to myself how all of these things have been on Maty’s and Checkmarx’s agenda for over 10 years.
</Read More>
Application Security Resources

21 Application Security Resources No Developer Should Be Without

Dec 11, 2015 By Sarah Vonnegut | The truth of the matter is, you have no idea what will happen to your code once your application is released. Your code may be used again down the line, it may be altered – and it will most certainly be used in ways you never imagined. Can you start to see why security does actually play an important role in organizations which develop applications?   Luckily, if you’re in a position where you interact with code, you have a direct way to help better secure our applications and devices. And with that power comes responsibility – the responsibility of playing your part in helping secure the world’s software.   To help get those working with code a boost in your security education, we’ve curated a collection of application security resources to assist any developer, wherever you are on your journey into the arduous (yet rewarding) world of application security. Because when it comes to Application Security, your education is never complete.
</Read More>
Blog Headers (1)

DevSecOps: 4 Best Practices the Pros Teach Us About Security and DevOps

Nov 13, 2015 By Sarah Vonnegut | Developers and engineers all around the world are deploying code hundreds of thousands of times a day. Hundreds of millions of lines of code are churned out on a monthly basis, and it’s only going to get faster. Yet the security industry continues to kick our feet about DevOps.   But security teams can’t afford to continue the tip-toeing act we’ve been doing around DevOps. We need to find a way to better integrate our security needs within DevOps processes – and we need to do it fast.  DevOps is here, and it’s up to the security team to determine how security processes and tools will fit into the mix – or risk being edged out.  
</Read More>
Celebrating National Cyber Security Awareness Month

Celebrating National Cyber Security Awareness Month

Oct 12, 2015 By Sarah Vonnegut | If you’re in need of a great excuse to strengthen – or start – an application security awareness program for your developers, this month is it. October, as you may already know, is National Cyber Security Awareness Month (NCSAM), and hundreds of security-focused organizations, including us, have come together in support of a more secure future for all.   Checkmarx is excited to have partnered up with the National Cyber Security Alliance (NCSA) and the Department of Homeland Security in promoting security awareness, and this year our aim is to raise awareness for application developers. As part of our participation in this year’s Cyber Security Awareness initiative, we’ve launched a site, SecureDevKit.com, dedicated – in October and throughout the year – to teaching developers how to write better, more secure code.  
</Read More>
Application Security Testing-

Application Security Testing: 7 Steps to a Recipe for Success

Sep 10, 2015 By Sarah Vonnegut | Security tools are becoming more and more popular throughout the world of tech, and for security enthusiasts, and it should be something to celebrate about. But, in reality, we still have a long way to go when it comes to the actual use of the tools.
We’ve known for years about the major gap between security and development, and we’re getting better. But while the proliferation of the DevOps movement has made organizations realize that security is essential to agile processes, we’re still missing a piece of the puzzle. Because while the purchase of security solutions might be increasing, developer use isn’t quite on par.
</Read More>
Untitled design (8)

5 Steps That WILL Raise Your Developers Information Security Awareness

Jul 17, 2015 By Sarah Vonnegut | In the same post where Bruce Schneier famously said that he personally believes “that training users in security is generally a waste of time, and that the money can be better spent elsewhere,” he added an important caveat about training developers. Developers, he wrote, “are people who can be taught expertise in a fast-changing environment, and this is a situation where raising the average behavior increases the security of the overall system.”
</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.