Checkmarx Launches Infrastructure as Code Scanning Solution to Secure Cloud-Native Applications: KICS

Tag: SCA

Exploitable Path – Advanced Topics

This is the third and final blog on Exploitable Path – a unique feature that allows our customers to prioritize vulnerabilities in open-source libraries. In the first blog, we introduced the concept of Exploitable Path and its importance. The conclusion was that a vulnerability in a library is considered exploitable when: The vulnerable method in

Read More ›

The New Code Analysis Approach in the Modern DevSecOps Era

Over the past couple of years, DevSecOps has become one of the newest catchphrases in organizations who are striving to enhance their secure software initiatives. But what exactly is DevSecOps, and how do you turn it into reality? Unfortunately, just adding a few letters to DevOps does not necessarily lead to nirvana. In most software

Read More ›

5 Irrefutable Reasons to Prioritize Software Security

These days, technology is evolving at a pace like never before seen, forcing organizations into an “adapt or die” situation. And, as digital transformation accelerates, everyone is feeling the effects. DevOps leaders, AppSec managers, and developers are certainly no exception, as they’re being tasked with developing and deploying software at a faster rate to keep

Read More ›

It’s Time to Update Your Drupal Now!

As part of our ongoing mission to help organizations develop and deploy more secure software and applications, and in light of Checkmarx’s expanded insight into the open source security landscape with its recently launched SCA solution, the Checkmarx Security Research Team analyzed Drupal, an open source content management system (CMS) and one of the top

Read More ›

The Road to DevSecOps: Addressing the Challenges of Open Source Software

Although software is significantly changing our work, home, and personal lives, many don’t realize that today’s software is made up of numerous ingredients. Some of the software we use daily contains pieces of custom code that’s developed internally by an organization, while other pieces of code come from community-driven open source projects that end up

Read More ›

Jump to Category