Tag: static code analysis

Introducing the Checkmarx Certified Engineer Program (CxCE)

If you were to take a look at the current job market for developers, application security engineers, solution architects, penetration testers, or systems engineers, it’s clear that application security testing skill sets are in high demand. You’ll also notice that Checkmarx has become synonymous with application security testing. Gartner further validated this by naming Checkmarx

Read More ›

SECURITY COMPLIANCE

MISRA C: Security Compliance from the Streets to the Skies

The Motor Industry Software Reliability Association (MISRA) is an organization whose mandate is “to provide assistance to the automotive industry in the application and creation within vehicle systems of safe and reliable software.” MISRA’s steering committee steering is made up of a mixture of automotive manufactures, such as Ford and Jaguar, component suppliers as well

Read More ›

What is Static Code Review?

Static code review, as a phrase, is actually a bit misleading. Static code review refers to two divergent methods of security testing: static code analyis and code review. These methods check code for flaws, security issues and quality concerns that, when combined, help developers ensure that their code is not only free from potential exploits

Read More ›

Static Analysis Tools: All You Need to Know

Application security is finally beginning to hit the mainstream, and organizations are beginning to see the benefit and need of securing their applications, both internal and external. With so many facets to AppSec, it can be hard to know where to start, especially when trying to build a program from scratch.

Read More ›

Static Code Analysis Tools – The AppSec Checklist

You have finally decided to fight cybercrime and protect your application. Great. But picking correctly from the wide range of static code analysis tools available on today’s market has become a challenging task. Besides being ineffective in locating application layer vulnerabilities, picking the wrong solution can lead to developer disengagement, which is the worst thing that can happen to

Read More ›

HTML5 Security

All You Wanted To Know About HTML5 Security

With Google officially dropping Flash ad support in favor of HTML5, the security aspect of this relatively young programming and scripting language has become extremely crucial. Being a web-based application always invites cybercrime, which means that code integrity is very important. The following article will lay down the most important Application Program Interface (API) coding

Read More ›

OSI Model

Application Layer Security Within the OSI Model

With more and more high-profile hackings taking place in recent years, application security has become the call of the hour. But while the awareness is on the rise, not all security officers and developers know what exactly needs to be secured. One aspect that is often overlooked during development is application layer security. The following

Read More ›

Smart City

Internet of Things (IoT) – Hack My Smart City

The modern metropolitan is becoming more and more computerized. Mega computers are running the show in more ways that can be comprehended – traffic signals, electricity networks, water supply pipes, public transport services and other civil utilities. While the Smart City concept is improving the standards of urban services, how safe really is it for us?

Read More ›

All You Wanted To Know About Online Banking Security

Gone are the days when people frequented their banks to get their errands done. With more and more banking activities being performed online via web and mobile applications, the security risks are rising exponentially. But are banks and financial institutions doing enough to safeguard our privacy and financial assets? What are the risks and what

Read More ›

Jump to Category