Collaborate Disseminate
As the pace of digitization across the global economy accelerates, companies are creating more and more software. This is putting greater pressure on internal teams to deliver on schedule, within budget and to stay ahead of security vulnerabilities. T… Continue reading Code Itself Is a Growing Security Threat
Today’s cybersecurity and software development students spend years in the classroom honing their skills for gainful employment once they graduate. They’re being equipped with deep knowledge of application vulnerabilities, real-world attack scenarios, … Continue reading Remarkable University Study About Real-World Cybersecurity Training
It’s no hidden secret that businesses have been moving toward digital transformation for years, but the current pandemic has accelerated this movement at a rate and scale like never seen before. As Microsoft CEO Satya Nadella recently put it, “We have … Continue reading Post-Pandemic Responsibilities for a Modern Day CISO
In 2018, we performed our initial research about the current state of security in the context of Smart Contracts, focusing on those written in Solidity “a contract-oriented, high-level language for implementing smart contracts“. At that tim… Continue reading Solidity Top 10 Common Issues
In an industry full of acronyms and buzz words, the term “shift left” surfaced as a result of organizations waiting to perform software security testing until the end of the development process. The problem here is that the industry still t… Continue reading Why “Shift Left” in DevOps is really “Shift Center”
Across industries, developers and DevOps teams rely on routine, repetitive processes to log and manage their software security vulnerabilities. But these processes are often inefficient, and they don’t require creative human thought. Although ope… Continue reading Free your Developers from Mundane Tasks
Recently, the Checkmarx Security Research team investigated the online music platform SoundCloud. According to their website, “As the world’s largest music and audio platform, SoundCloud lets people discover and enjoy the greatest selection… Continue reading Checkmarx Research: SoundCloud API Security Advisory
The recent industry shift towards DevOps makes it clear that organizations are adopting this development and operational model to facilitate the practice of automating software delivery and deployment. As a result, organizations are acknowledging that … Continue reading Correlating and Remediating Security Risks at Scale is Vital to DevOps
Survival of the Fastest Today, everything is getting faster. With social media and our smartphones, we expect immediate responses to our messages. When searching for the answer to a question, the internet can deliver it in seconds. Even Amazon’s … Continue reading Software Architecture with Shortest Time-to-Market Consideration
This research was provided by Paulo Silva and Guillaume Lopes, who are members of the Checkmarx Security Research Team. Quoting the official documentation, Solidity “is a contract-oriented, high-level language for implementing smart contracts.… Continue reading Checkmarx Research: Solidity and Smart Contracts from a Security Standpoint