What is the ROI of Checkmarx Application Security Testing (AST)?

When it comes to IT security initiatives, many enterprises struggle to quantify business value and return on investment (ROI), often viewing their security spend solely as an insurance expense – a must-have in today’s world of compliance regulations an…

Preventing Developer Burnout in the Age of Rapid Software Delivery

“Burnout” happens across all jobs and industries, especially tech. However, developers have always been particularly at-risk of falling victim to burning out, and the COVID-19 pandemic, and the resulting digital shift driven by software, has only escal…

Application security platform NeuraLegion raises $4.7 million seed led by DNX Ventures

Application security platform NeuraLegion announced today it has raised a $4.7 million seed round led by DNX Ventures, an enterprise-focused investment firm. The funding included participation from Fusion Fund, J-Ventures and Incubate Fund. The startup also announced the launch of a new self-serve, community version that allows developers to sign up on their own for […]

Integrating Checkmarx Security Results within GitLab

The automation and integration of Application Security Testing (AST) is essential for building out a true DevSecOps program. Automation is the easy part. Invoke a security scanner’s REST API or a command line interface inside a pipeline and you can get…

Privilege Escalation on Meetup.com Enabled Redirection of Payments

The Checkmarx Security Research Team recently audited the security of several high-profile websites, including Meetup.com. For those who are not familiar with Meetup.com, it allows users to create an event where people with similar interests gather. Ev…

On the Road to DevSecOps: Securing the Software Driving Mobility

The automotive industry is experiencing radical change—and software is the catalyst. Progressively more software, increasingly intelligent components, and new methods of interaction are finding their way into automobiles of all sizes and price. S…

AppSec, the developer way: Transforming security from a “dirty word” to a common practice

In a world where one data breach is all it takes to destroy a business, only the prepared and vigilant ones that embrace security in their operations can prevent disaster. Yet, if you ask most developers about security, they will crease up their faces …

Solidity Top 10 Common Issues

In 2018, we performed our initial research about the current state of security in the context of Smart Contracts, focusing on those written in Solidity “a contract-oriented, high-level language for implementing smart contracts”. At that tim…

Why “Shift Left” in DevOps is really “Shift Center”

In an industry full of acronyms and buzz words, the term “shift left” surfaced as a result of organizations waiting to perform software security testing until the end of the development process. The problem here is that the industry still t…

A Security Audit Is Critical to Mitigate Risk

A security audit is now a critical component of modern business. As organizations embrace cloud computing, data analytics and workplace mobility, they have to navigate through an increasingly complex world of data privacy mandates and legislation and …