Tag : OWASP

blog-owasp-resources

Top 5 OWASP Resources No Developer Should Be Without

Jan 09, 2018 By Sarah Vonnegut | Writing secure code is now a must for developers. The rising number of attacks on organizations big and small and the fallout for companies who’ve been breached are growing. As such, security is finally moving out of the periphery to become a mainstay for business continuity.  

</Read More>
blog-a-closer-look_-owasp-top-10-application-security-risks

A Closer Look: OWASP Top 10 2017 – Application Security Risks

Dec 03, 2017 By Arden Rubens | Open Web Application Security Project (OWASP) is an organization filled with security experts from around the world who provide information about applications and the risks posed, in the most direct, neutral, and practical way. Since 2003, OWASP has been releasing the OWASP Top 10 list every three/four years. The list consists of the top biggest Application Security Risks according to OWASP.

</Read More>
blog-owasp-infographic

INFOGRAPHIC: OWASP Top 10 Application Security Risks

Nov 30, 2017 By Arden Rubens | The OWASP Top 10 Application Security Risks 2017 (PDF) is out. The list takes a good look at the most critical application security risks facing organizations and developers today, with the big goal of raising awareness, upping the knowledge, and helping security teams and developers release secure applications. 

</Read More>
IoT

Internet of Things (IoT) – Hack My Army

Mar 14, 2016 By Sharon Solomon | It’s now common knowledge that the Internet of Things (IoT) revolution has infiltrated our homes, cars and offices. But even defense forces are going online, with more and more weaponry being operated remotely with the help of dedicated applications. Unfortunately, this has provided politically and criminally motivated hackers with new targets to manipulate. Is the modern army really prepared to fight off the bad guys? Let’s find out.

</Read More>
cybersecurity_organizations_resources

The Cybersecurity Organizations & Resources You Need to Know

Feb 12, 2016 By Sarah Vonnegut | No matter where you are on your journey in security, there is always room to keep learning. Especially in the security industry, it’s important to aim for a deep understanding of software and how applications interact on the web. In such a dynamic field, there’s no doubt the learning will never end.   Luckily for students of cybersecurity, there are plenty of organizations doing the hard work to help us better understand what we’re working to protect, and how best to secure our own organizations. These organizations are helping fight the “cyber battles” – and are helping us do the same. From nonprofits to university centers to government-funded research facilities, the security industry has its’ bases covered. There’s a never-ending mountain of high-quality research and guides anyone interested can access – if you know the right places to look.

</Read More>
Application Security Resources

21 Application Security Resources No Developer Should Be Without

Dec 11, 2015 By Sarah Vonnegut | The truth of the matter is, you have no idea what will happen to your code once your application is released. Your code may be used again down the line, it may be altered – and it will most certainly be used in ways you never imagined. Can you start to see why security does actually play an important role in organizations which develop applications?   Luckily, if you’re in a position where you interact with code, you have a direct way to help better secure our applications and devices. And with that power comes responsibility – the responsibility of playing your part in helping secure the world’s software.   To help get those working with code a boost in your security education, we’ve curated a collection of application security resources to assist any developer, wherever you are on your journey into the arduous (yet rewarding) world of application security. Because when it comes to Application Security, your education is never complete.

</Read More>
Secure iOS App Development

40 Tips You Must Know About Secure iOS App Development

Nov 10, 2015 By Sharon Solomon | The iPhone is arguably the most desired smartphone on the planet today, thanks to its shiny metallic hardware and user-friendly iOS 9 mobile platform. Despite Google leading the numbers-game with its open-source Android mobile platform, iOS is often considered to be the safer of the two due to Apple’s stricter security policy and its willingness to sacrifice customizability for the cause. But even this platform has its fair share of vulnerabilities and potential security loopholes that need to be addressed by the developers.

</Read More>
Blog Headers

13 More Hacking Sites to (Legally) Practice Your InfoSec Skills

Nov 06, 2015 By Sarah Vonnegut | Read the first post, 15 Vulnerable Sites to (Legally) Practice Your Hacking Skills here.   There’s a well-known saying that before you judge someone you should always “walk a mile in the other person’s shoes.”  You can’t get the full picture behind a person without first living like they do and understanding what goes on in their heads.     In organizations around the world, there’s a big push to be more “security aware,” and it’s an important part of our jobs. We’re defenders, and we have a big job to do in making sure our applications and systems are secure from any threat that might come at us. But there’s another side to being good at defending your applications and systems. Those dealing with security also need to “walk a mile in the other persons shoes” – but in our case, it’s about understanding the attackers side not so we can empathize, but so we can minimize the risks posed by and to our applications.   

</Read More>
Internet of Things (IoT) - Hack My Home

Internet of Things (IoT) – Hack My Home

Nov 02, 2015 By Sharon Solomon | Once a luxury reserved exclusively for the uber-technical or super-rich, the Internet of Things (IoT) phenomenon is invading our private dwellings at an astonishing pace. This revolution has basically connected all commonly used home appliances to the internet. Tech giants worldwide are investing a lot of resources in creating their own Internet of Things (IoT) eco-systems. Unfortunately a lot of this is happening in an unprotected manner, putting millions of people and homes at risk.

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.