2019 – Checkmarx Research Roundup

Discovering vulnerabilities like the ones mentioned below is why the Checkmarx Security Research team performs investigations. This type of research activity is part of their ongoing efforts to drive the necessary changes in software security practices…

Injection Vulnerabilities – 20 Years and Counting

Injection vulnerabilities are among the oldest exploitable software defects and, unfortunately, are still prevalent today. A simple search on cve.mitre.org for the term injection returns over 10,852 injection-related vulnerabilities in…

Combating the Continuous Development of Vulnerable Software

Most people in our industry know what the acronym CVE means. For those that may not, CVE stands for Common Vulnerabilities and Exposures. According to their website, CVE was launched in 1999 as a list of common identifiers for publicly-known cybersecur…

Power to the Players: 3 Tips for Gamifying Your Cybersecurity Training

It’s no secret that an increased level of training and education is both one of the biggest needs and shortcomings in the cybersecurity industry. Organizations are falling victim to cyberattacks more frequently than ever before and the ram…

Kotlin Guide: Why We Need Mobile Application Secure Coding Practices

October is the annual National Cybersecurity Awareness Month (NCSAM), which is promoted by the U.S. Department of Homeland Security and the National Initiative for Cybersecurity Careers and Studies (NICCS). According to the NICCS, “Held every Oct…

Why Software Security and DevOps Were the Talk of the Town at Black Hat and DEF CON 2019

In the wake of Black Hat 2019 and DEF CON 27, there is no doubt that the cybersecurity industry is growing beyond anyone’s expectations. The sheer number of sponsors and attendees who descended upon Las Vegas last week from all parts of the world…

One Common Theme – One Common Goal

On the heels of the RSA Asia Pacific and Japan conference that took place last week, there was one common theme that Checkmarx captured while speaking with visitors at their stand: embedding security throughout an organization’s DevOps ecosy…

Code Exposure: The Vulnerabilities in Your Code & Where They Originate

Typical software applications are comprised of two types of code: custom code created by your internal development teams, and third-party code – often open source – …

Demystifying the myth of an AppSec silver bullet

Can a single approach to application security solve all of your problems? Relying on a single testing solution to protect your applications is essentially like trying to protect your house from burglars with a single alarm. Now imagine the house is pa…

Vulnerable Software – The Gift that Keeps on Giving

Concerning the latest data breaches on record, this past May was rather noteworthy. In fact, a host of organizations from around the world announced that they had experienced a data breach. From online retailers, travel booking sites, and high-te…