Tag: open source

OpenSSL Vulnerabilities: Takeaways from the Latest Patch

The OpenSSL project this week released a series of patches to combat six vulnerabilities that have been discovered as of late, including two high-severity flaws that would give attackers the ability to decrypt HTTPS traffic, execute malicious code on vulnerable servers, and possibly even cause servers to crash. Ironically, one of the flaws was actually

Read More ›

Google Vendor Security Review

Google Vendor Security Review Tool Goes Open Source

In an ongoing effort to share their knowledge and expertise, Google recently announced on its security blog that they have released to open source their Vendor Security Assessment Questionnaire (VSAQ) on GitHub under the Apache License Version 2. The Google Vendor Security Review Tool questionnaire is used by Google to evaluate the quality of security

Read More ›

Application Security Trends

The Application Security Trends You Can’t Ignore in 2016

Application security is finally beginning to take wind. After years of being pushed to the background in favor of other areas of IT security, recently we’ve seen a major shift in the security landscape where application security is finally getting attention.With 84% of attacks aimed at the application layer – it’s about time, too.  

Read More ›

3 Things to Know About Managing Open Source Components in Your App

Manage your software where it’s created. It is in your continuous integration environment where the various pieces of code become software. While some of the software is proprietary, much of it (probably over 50%) is open source components, as your development teams use open source components to boost their productivity and make better products. You most

Read More ›

Most Popular Stories of the Year from the Checkmarx Blog

With the beginning of the New Year comes lots of reflection for the past 365 days. Here at Checkmarx, we had a fantastic and busy year – and it definitely shows on the blog. If you’re looking for some good security info to sink in to or want to catch up on the stories you

Read More ›

open-source-static-code-analysis-security-tools

The Ultimate List of Open Source Static Code Analysis Security Tools

Doing security the right way demands an army – of developers, security teams, and the tools that each uses to help create and maintain secure code.   With the increasingly important mindset of creating quality, secure code from the start, we’ve seen a greater shift towards the adoption of tools designed to detect flaws as

Read More ›

Risks and Rewards in Security: An Interview with Josh Sokol, InfoSec Program Owner and Creator of SimpleRisk

When you’re in the midst of a security issue, getting to the point of feeling on top of security again can seem a million miles away. Because in the end, security is about being aware of what’s going on in your environment and having a proactive approach to dealing with the threats. Being able to

Read More ›

Jump to Category