Online e-commerce has become the rage. Millions of people worldwide are doing their shopping on the various online platforms. But even enormous e-commerce platforms like eBay are not immune to cybercrime, as security researcher MLT demonstrated recently. The culprit this time was Cross Site Scripting (XSS), a common application layer vulnerability that obviously was not detected/remediated during
Tag: Source Code Analysis
The IT industry is constantly evolving, with more and more organizations ditching the old Sequential Design Process (Waterfall). Agile Software Development (ASD), an iterative methodology based on collaboration between various cross-functional and self-organizing teams, is becoming the go-to tactic for many organizations across the globe. But Agile software development also requires proper security implementation for optimal results.
The e-commerce and retail fields have undergone mammoth changes over the last decade. Paying in hard cash has almost become a thing of the past. Credit and debit cards are now being used to conduct millions of transactions and e-shopping purchases on a daily basis worldwide. But this new reality has also introduced numerous security perils.
Due to the growing demand for robust applications, the secure Software Development Life Cycle methodology is gaining momentum all over the world. Its effectiveness in combating vulnerabilities has made it mandatory in many organizations. The objective of this article is to introduce the user to the basics of the secure Software Development Life Cycle (also known
Doing security the right way demands an army – of developers, security teams, and the tools that each uses to help create and maintain secure code. With the increasingly important mindset of creating quality, secure code from the start, we’ve seen a greater shift towards the adoption of tools designed to detect flaws as
Checkmarx has now released an update that scans your application source code for the Heartbleed-vulnerable library code. The Heartbleed vulnerability had affected almost half a million secure web servers, certified by trusted authorities, by the time it was exposed. The bad news is that the problem still exists. More than 2% of the Alexa world
Hackers going after Web applications are getting smarter and faster by automating their malicious tools, and organizations are struggling to keep up. This was among the biggest revelations in Verizons’ 2014 Data Breach Investigations Report. The report analyzed over 63,000 security incidents over the past year, 1,367 of which resulted in a breach. It may
Automation has taken the business world by storm. We automate everything, from marketing to manufacturing and everything in between, and it often pays off: greater ROIs, higher productivity, less overworked employees. In application security, the same can be true. As web applications have become the essence of business in almost every industry, the risks have
Checkmarx Reaching New Heights – Now Second Highest Ranked Security Company In 2013 Deloitte Fast 500
Checkmarx is breaking all barriers. The Israeli IT Security firm has stormed into the Deloitte top-500 fastest growing EMEA companies, taking 69th place overall in the 2013 rankings. Technology Top 500 is a unique ranking research project, conducted annually by Deloitte Touche Tohmatsu Limited (DTTL). Technology, telecommunications, software and internet companies are scanned and studied
Hacktivism, commercial malware and criminal exploitation have become the norm in today’s cyberspace. This worrying trend has magnified the need for a comprehensive testing solution that can be integrated into the SDLC. Enter Source Code Analysis (SCA).