Rise of the Machines: AI and Security – Free Live Webinar, March 20

Tag: Secure Coding

Android WebView: Are Secure Coding Practices Being Followed?

Android WebView: Are Secure Coding Practices Being Followed?

WebViews are very common on the Android applications. There are clear WebView security best practices, but are they being implemented? With our previous blog post in mind, Android WebView: Secure Coding Practices, we wanted to understand how security best practices in WebViews are being implemented in the wild. Are the apps with WebViews, currently available on

Read More ›

Introducing the Checkmarx Certified Engineer Program (CxCE)

If you were to take a look at the current job market for developers, application security engineers, solution architects, penetration testers, or systems engineers, it’s clear that application security testing skill sets are in high demand. You’ll also notice that Checkmarx has become synonymous with application security testing. Gartner further validated this by naming Checkmarx

Read More ›

A Simple Coding Error Put Millions of Smartphone Users at Risk: What You Need to Know

As many as 180 million smartphone users are at risk of having texts and calls hijacked by hackers – all due to a simple coding error in at least 685 different mobile apps. A warning was released by the cybersecurity firm Appthority late last week. According to Appthority, the vulnerability (known as Eavesdropper) could let

Read More ›

A Closer Look: Securing with Jenkins

Acclaimed by the DevOps world and best known as the leading open source automation server for continuous integration (CI) and continuous delivery (CD), Jenkins is a Java-based program designed to monitor a set of executions in a software environment. Jenkins allows developers to rapidly detect and resolve errors in the code base and boosts automated

Read More ›

Secure Software Development

Secure Software Development Tips – Interview with Josh Feinblum

The fourth, and final, interview in our 2016 National Cyber Security Awareness Month series is with Josh Feinblum, the VP of Information Security at Rapid7. In this series, we have gotten tips for accelerating application security with Dan Cornell of the Denim Group, received insights about managing open source security with Rami Sass of WhiteSource

Read More ›

Secure Application Development: Avoiding 5 Common Mistakes

It’s 2016 – and yet, somehow, ‘easy-to-avoid’ vulnerabilities like SQL injection and XSS can be found on websites of government agencies, Global 500 companies, as well as in highly sensitive medical and financial applications developed and deployed around the world. Two decades of the same kinds of attacks and we still haven’t gotten secure application

Read More ›

Static Code Analysis Tools – The AppSec Checklist

You have finally decided to fight cybercrime and protect your application. Great. But picking correctly from the wide range of static code analysis tools available on today’s market has become a challenging task. Besides being ineffective in locating application layer vulnerabilities, picking the wrong solution can lead to developer disengagement, which is the worst thing that can happen to

Read More ›

All You Wanted To Know About Online Banking Security

Gone are the days when people frequented their banks to get their errands done. With more and more banking activities being performed online via web and mobile applications, the security risks are rising exponentially. But are banks and financial institutions doing enough to safeguard our privacy and financial assets? What are the risks and what

Read More ›

What You Need To Know – Millions of eBay Users Exposed

Online e-commerce has become the rage. Millions of people worldwide are doing their shopping on the various online platforms. But even enormous e-commerce platforms like eBay are not immune to cybercrime, as security researcher MLT demonstrated recently. The culprit this time was Cross Site Scripting (XSS), a common application layer vulnerability that obviously was not detected/remediated during

Read More ›

Jump to Category