Tag : static code analysis


Istana Website Hacked; Singapore Cybercrime On The Rise

Dec 02, 2013 By Sharon Solomon | The list of hacked websites just keeps getting longer. The Istana website, official cyber-domain of Singapore’s Presidential Office, is the latest high-profile casualty. The Singaporean police have arrested two suspects, who have been charged under the Computer Misuse and Cybersecurity Act, punishable by up to five years in prison.

</Read More>

Obamacare Website Compromised; Security Issues Surface

Nov 21, 2013 By Sharon Solomon | The Obamacare website has now joined the ever-growing list of compromised portals. Reports of bad user-experience and rumors of security breaches have been making the rounds for weeks, but the newly launched national healthcare website (healthcare.gov) has now apparently fallen prey to a typical Cross-Site Scripting attack. 

</Read More>

Monetary Authority of Singapore (MAS) Embraces SAST

Nov 15, 2013 By Sharon Solomon | Application security in Financial Information Systems (FIS) has become a must in today’s malicious cyberspace. Due to the wide range of solutions in the market, many software executives find it hard to pick the right defense strategy for their systems, which contain highly sensitive details and valuable information.

</Read More>

Checkmarx Wins Award at OWASP Infosec India 2012

Sep 23, 2012 By Administrator | After a highly successful event at OWASP Infosec India last month, we would like to share with you some photos from the event and thank everyone who made the event a success. Thank you for all the visitors that attended our booth and discussed their source code analysis requirements with us.
To continue the dialog, request more information, please contact us. Alternatively you can sign up to start a FREE trial.

</Read More>

Coding Security Into Applications – Secure SDLC

Jun 04, 2012 By Administrator | We wanted to share with you an excellent article written by Richard Janezic from midsizeinsider.com that covers the alarming state of application security, and how many of the current security vulnerabilities can be prevented by dedicating more thought into developing a secure coding methodology utilizing technologies that are available in the marketplace and considerably reduce the complexity of the task at hand.

</Read More>

Flame Burns Right Through Windows Application Security

May 30, 2012 By Administrator | This week the cyber warfare stakes in the Middle East were raised a few notches when a Kaspersky Lab (Link) anti-virus expert discovered the Flame virus, which many have dubbed the most advanced and sophisticated cyber weapon ever unleashed. The Flame espionage worm, a previously unknown piece of malware was at the heart of a campaign to delete classified information from computers throughout the Middle East.

</Read More>

What’s HOT in Application Security Vol#12

May 14, 2012 By Administrator | 90% of all Custom Built Web Application are Wide Open for Attacks!
An astounding 86% of custom built websites are said to have vulnerabilities, said a report issued last week by an American IT company. Nearly 90% of all custom designed web applications tested found positive SQL Injection leaks.

</Read More>

What’s Hot in Application Security Vol #11

May 09, 2012 By Administrator | Is fear in the Cloud misplaced?
Who’s afraid of the big bad cloud? Everyone apparently! Corporations, Public Companies; the list is endless. Cloud Security is synonymous with problems. When we consider Cloud Security we think about application security and guarding sensitive data. Cloud Security has been one of the things on the front of the minds of IT directors for years as they ponder; how do we migrate data out of the corporate data centers to the cloud?

</Read More>

What’s HOT in Application Security Vol#10

Apr 30, 2012 By Administrator | What’s Wrong with the Public Sector?
They’re failing OWASP Top 10!  
OWAP Top 10- the bible of web applicaiton vulnerabilties, the benchmark vulnerabilities by which most organizations should by going by; who’s their worst pupil? The Public Sector.

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.