When it comes to software security, one of the biggest challenges facing developers today is information overload.

As we look to next year, we’ll see an evolution of software security to support cloud native environments, especially as it relates to API authentication and authorization processes.

As the world continues to battle a global pandemic, major M&A deals shouldn’t be completely off the table. Here’s how you can still close that mega deal.

Turns out even that might not be safe, thanks to the efforts of researchers from Tel Aviv-based security firm Checkmarx. According to the report from WIRED, it seems that there exists a vulnerability in the Tinder app that lets anyone connected

In 2018 one major change we will see as it relates to Application Security (AppSec) is that there will be a reduction of organizations running their own dynamic application security testing (DAST). Many organizations will begin to leverage interactive application

With a whopping 2.2 billion smartphone users worldwide, it is no surprise that mobile games make up 42 percent of the gaming market equating to $46.1 billion in revenue. What is surprising is that most of the mobile games, including

Amit Ashbel, Director of Product Marketing and Cyber Security Evangelist, Checkmarx:  Here’s what’s next for DevOps.  “DevOps is still maturing, and while many organizations are shifting to DevOps, many are still in the process and not there yet. That said, the DevOps movement

In talking to companies all over the U.S, it is almost unanimous that DevOps is here to stay. DevOps modernizes the software development life cycle and deployment to account for the way businesses are run. I would say 90-95% of

The cost of protecting applications from cyberattacks is climbing fast. So, it’s time for business units to help cover the pricetag. The 2017 Ponemon Institute study reaffirms that while this year has seen more hacks and breaches than 2016, organizations are actually

The DevOps culture removes the barriers between departments, and especially among those most deeply involved in DevOps; that is, the operations teams and developers. Historically, there has been a culture of inefficiency and miscommunication between developers and operations teams. This

Checkmarx has launched new mobile security courses for developers. The interactive courses include secure coding for Android Java, Android Kotlin, iOS Objective C, and iOS Swift. There are 9 free courses which can be found here. For each of the languages, there are

One of the biggest areas for application security in 2018 is how it fits within a true DevOps environment. In my discussions with some of the largest organizations in the world there seems to be one common theme, and that is

The importance of integrating security tests in the software development life cycle is commonly discussed and widely agreed upon, yet getting developers to write secure code to begin with is known to be a challenge. According to the SANS 2016 State

Thanks to sophisticated development tools and practices that have emerged in recent years, application teams are producing code faster than ever. The downside is that the shorter release cycles become, the less time is left to check for potential security flaws.

Matthew Rose, ‎global director of application security strategy at Checkmarx, an application security software vendor headquartered in Israel, said there were a number of ways a shared library might be infected by a malicious actor. “Typically third-party libraries are maintained

The Loftek CXS-2200 and VStarcam C7837WIP, which look nearly identical, contained more than a dozen vulnerabilities between them, many of which would let an attacker take over the camera from the internet. “The vulnerabilities just kept on coming,” the report

Checkmarx researchers said a pair of IP-enabled security cameras have nearly two dozen flaws that would make them vulnerable to attack. Loftek DSS-2200 and VStarcam C7837WIP, manufactured in China and aimed at the consumer market, also can be pressed into

Two consumer-grade IP-enabled security cameras manufactured by Loftek and VStartcam are riddled with nearly two dozen vulnerabilities that expose them to remote attacks. According to researchers, more than 1.3 million of the cameras are in use today, with 200,000 models

Checkmarx researchers have analyzed a couple of IP cameras from Loftek and VStarcam and discovered several new vulnerabilities and variations of previously found flaws. In Loftek’s CXS 2200 camera, experts discovered cross-site request forgery (CSRF) flaws that can be exploited

Today’s cyber landscape leaves no room for mistakes when it comes to the security of software and applications. Enterprises are well aware of the harsh consequences of a cyberattack. Moreover, with end users expecting software vendors to deliver cutting edge

Application security testing company Checkmarx has now acquired the somewhat aggressively named Codebashing, a company that specializes in game-like application security education and training for software application developers.   Read the full article on Forbes

Checkmarx has acquired Codebashing, an application security education company that delivers Game-like AppSec Training for Developers. Traditional secure coding education is ineffective and cannot scale to deliver continuous and across the board secure coding knowledge. Long training courses disrupt the

Through Acquisition, Checkmarx will Provide Interactive Tools to Further Developer Application Security Knowledge and Deliver Secure Applications Even Faster.  Checkmarx, a global leader in application security testing solutions, today announced its acquisition of Codebashing, a leading application security education company that

Checkmarx announced the acquisition of Codebashing, an application security education company that delivers Game-like AppSec Training for Developers. By shifting security left and empowering developers to deliver secure applications, this acquisition allows Checkmarx to introduce continuous, in-context, bite sized secure

Israel’s Checkmarx, which provides application security testing technology, said on Monday it acquired UK-based Codebashing, an application security education company.   Click here to continue reading

Checkmarx acquires security education provider Application security testing provider Checkmarx announced the acquisition of Codebashing, a app security education company that delivers game like app security training for developers. Together, the companies will provide tools to further developer application security

Checkmarx has acquired Codebashing, an application security training company. The application security testing firm said on Monday that the deal is expected to improve Checkmarx’s training and the education of development teams faced with an evolving and rapidly-changing IT environment, especially

Nor is it the first time that a vulnerable plugin has provided a route into WordPress. In 2013, Checkmarx released a report showing that 20 percent of WordPress plugins and seven of the top 10 ecommerce plugins were vulnerable to basic web

In DevOps, when you’re deploying hundreds, possibly thousands, of features and bug fixes a week, security cannot afford to be an afterthought. The beautiful thing about DevOps is that it is a process that continues to get more streamlined, faster

We’re living in a world where technology is increasingly part of our everyday lives. Unfortunately, despite the advantages that all of this new technology offers, it also comes with risk. Although there is research to suggest that developers are becoming

More than 500,000 Australian websites went dark on April 13 thanks to a DDoS attack, and the month ended with a hacker stealing an entire unreleased season of Netflix’s Orange Is the New Black show.  Scroll down to see a

Checkmarx is an application security software company, whose mission is to provide enterprise organizations with application security testing products and services that empower developers to deliver secure applications.  The new Checkmarx (CxSAST) Microsoft Visual Studio Team Services Plugin allows organizations

The Internet of Things offers a beautiful, interconnected vision of the future. However, secure code has to underpin all things IoT because just one chink in the armor leaves us all vulnerable. The pace at which the Internet of Things

The Cyber-Security Council Germany said on Wednesday it opened its first international chapter with security firm Checkmarx in Israel, establishing a bridge between German and Israeli cybersecurity communities. “Cyber threats are not bound to national borders, so that transnational cooperation

In my opinion, shifting to Agile is easier than what some organizations may think. Overall, making deliveries smaller is key for a successful Agile workflow, it’s easier to steer a small boat and fix its course than changing a huge

Checkmarx has announced that a leading American international banking and financial services holding company is implementing the Checkmarx solution to further strengthen its security posture and deliver secure applications to its customers. This means that four of the largest American

A leading American international banking and financial services holding company is implementing the Checkmarx solution to further strengthen its security posture and deliver secure applications to its customers. This means that four of the largest American banks have adopted Checkmarx

Checkmarx announced that a leading American international banking and financial services holding company is implementing the Checkmarx solution to further strengthen its security posture and deliver secure applications to its customers. This means that four of the largest American banks

March came in like a lion with news breaking on March 6 that spamming operation River City Media exposed 1.34 billion email accounts, some of which included personal information including full names and addresses. How did this happen? The company

Developers will never be responsible for all of security in an organization, but if they keep up with best practices, resources, and find new ways to secure and deliver good code, they could play a key role in developing resilient

Checkmarx, a global leader in application security testing, today announced that a leading American international banking and financial services holding company is implementing the Checkmarx solution to further strengthen its security posture and deliver secure applications to its customers. This

From LinkedIn to Yahoo, companies fell into the hands of hackers and identity thieves in 2016. Each year, companies seem to make the same security resolutions, only to face roadblocks like skill shortages, time constraints and budget issues, which prevent

With four out of every five businesses using 10 or more business applications, securing those applications should be paramount in the run up to March 2018. There continues to be a certain malaise among many organisations about getting ready for the

On February 5, an anonymous hacker kicked off February’s breaches, taking down a dark web hosting service that the hacker claimed was hosting child pornography sites. In the process, the hacker showed just how easily the dark web can be

Security, specifically application security, has become a huge challenge for IT companies worldwide. Actually, most companies in any vertical nowadays have some sort of IT platform they maintain. An increasing number of exploits, causing widespread financial and technical damage, are

New York: Checkmarx has announced open beta support of the Scala programming language. The new capability adds the ability to analyze and remediate security risks and vulnerabilities exposed in projects written using Scala code.   Checkmarx is the first static

It’s a tale as old as time, the last person you ever thought you would love becomes the one person you can’t live without. Enter – software security and developer teams, did you see that one coming? While these teams

Software is now embedded in every aspect of modern day business, making it critical for organizations to understand how the industry is evolving and where it’s headed. The internet, with the addition of software, has changed the way people and

Then, on January 19th, internet account passwords for 14 Trump appointees, including Rudy Giuliani and Michael Flynn, were leaked online, the result of “mass breaches of websites like LinkedIn, MySpace, and others between 2012 and 2016,” according to a report

J is for JavaScript. JavaScript is a core component of and present in almost every element of the web browsing experience. Because of the prolific nature of JavaScript on the web, any JavaScript vulnerabilities that are identified are valuable to

Checkmarx, an application security testing company, has announced open beta support of the Scala programming language. The new capability adds the ability to analyze and remediate security risks and vulnerabilities exposed in projects written using Scala code.   Click here

“A Twitter account probably has no financial value by itself but depending on the account owner, it could be used to spread false information and create wrong impressions,” Amit Ashbel, director of product marketing and cyber security evangelist at application

Amit Ashbel, cyber-security evangelist at Checkmarx told SC: “I think that it’s not exactly the fake news that create these excellent lure tactics but rather the targeted news.” “Modern social engineering campaigns are based on research. Hackers build a persona

There was a pretty simple premise behind last week’s Shift Left conference, organised by Checkmarx at the Bulgari hotel in Knightsbridge.  If you look at the software development cycle, it typically starts with the setting of requirements, design, build, test,

NEW YORK: Checkmarx has announced Shmuel Arvatz as the company’s new chief financial officer (CFO). In this role, Mr. Arvatz will report to Checkmarx CEO Emmanuel Benzaquen, and will have global responsibility for leading the company’s financial operations, as well

Paul Curran, Content Specialist for Checkmarx looks at several major trends to provide insight on what the software security world will look like in 2020. Society, having moved from an industrial age to the birth of the internet is now

The hacking thriller Mr. Robot may have been snubbed by the 2017 Golden Globe Award nominating committee this month, but security researcher Sarah Vonnegut’s blog –  5 ‘Mr. Robot’ Hacks That Could Happen in Real Life – about the award-winning season

Asaph Schulman, vice president, marketing, for Checkmarx, an application security firm, says “the threat landscape is constantly evolving and in an era where every department of every company seems to be developing software, it is difficult to manage what one

Adopting a DevOps culture is becoming increasingly discussed with a HP Enterprise report recently claiming that 99 per cent of operations professionals agreeing that it can improve application security but unfortunately the report also highlighted that only 20 per cent

Amit Ashbel, cyber-security evangelist at Checkmarx told SC Media UK, “on a day that Yahoo admits that one billion account credentials have been stolen. The fine that Ashley Madison got seems like peanuts.” “I think it’s important to enforce cyber-security

Society, having moved from an industrial age to the birth of the internet is now truly an era where software has become the most critical aspect of our modern world. In earlier times, manufactured products left the factory with just

In my opinion the biggest trend in software development for 2017 will be the continued shift to agile based software development methodologies. Our current social media driven society is pushing organization to release new feature filled web and mobile applications

Paul Curran, Content Specialist, Checkmarx looks at several major trends to provide insight on what the software security world will look like in 2020. Society, having moved from an industrial age to the birth of the internet is now truly

For a timeline of other notable hacks and breaches from last month, see the following infographic from application security provider Checkmarx.   Click here to view the full article and infographic. 

Amit Ashbel, cyber-security evangelist at Checkmarx told SC that Mirai throws threw the security of the IoT into sharp relief: “Security experts have brought up the concern of IoT vendors neglecting security more than once over the past years and

Society, having moved from an industrial age to the birth of the internet is now truly an era where software has become the most critical aspect of our modern world. In earlier times, manufactured products left the factory with just

Matt Rose, global director of application security strategy at Checkmarx, said he was wary about Zimperium releasing the exploit code. “The reasoning here is that it is a real issue and consciously being ignored then by the vendor and releasing

As American shoppers gear up for the biggest shopping weekend of the year – the perfect storm of Thanksgiving Day, Black Friday and Cyber Monday – more and more shoppers are preparing to do their purchasing online from the comfort

Matt Rose, global director of Application Security Strategy at Checkmarx Ltd., an app security testing company, said ‘‘the problem is that cyberattacks are not just a technology issue but a process and people issue as well.’’ In order for security

NEW YORK: Checkmarx has announced a new Checkmarx plugin for the Microsoft Visual Studio Team Services platform. The new Checkmarx (CxSAST) Microsoft Visual Studio Team Services Plugin allows organizations with agile development practices to embed security into their software development

Checkmarx just announced a new Checkmarx plugin for the Microsoft Visual Studio Team Services platform. The new Checkmarx (CxSAST) Microsoft Visual Studio Team Services Plugin allows organizations with agile development practices to embed security into their software development lifecycle (SDLC) without the

Checkmarx, a global leader in software application security, and allPay, a financial technology enterprise with a third-party payment platform, has announced allPay’s full implementation of Checkmarx solutions to increase its security posture. Checkmarx worked with industry partner, Galaxy Software Services Corporation (GSS),

One malicious email can, and has, jeopardized the sensitive data of countless U.S. civilians. How? Federal agencies collect and store some of the most sensitive and top secret data. This data ranges from top secret defense IP’s in the Department

Built-in security education Checkmarx is one of several vendors looking to address that very issue. “We take source code, and do the analysis on 10 or 100 lines of code, allowing the developers to see the vulnerabilities at a very

The most important culture change required to embrace DevOps in an organization is to forget about the traditional silo approach. Departments are no more responsible for their own delivery but rather everyone is responsible to deliver. While this sounds a

Doomed to repeat mistakes “In my many years of experience helping some of the largest organizations in the world roll out effective application security programs utilizing SAST the scariest trend I have seen is that application security takes a back

Testing is an integral part of application security (AppSec) but according to the recent SANS State of Application Security report recently commissioned by Checkmarx, how organisations test is very diverse. The report identifies how organisations test, who is responsible for testing,

APP DESIGN: SECURITY I think application performance is a huge subject but with what the world of software is going through today a lot has to do with security. I believe that the ability to deliver applications which have been

DevOps can be beneficial Organizational culture and its processes and technology are evolving at a pace we have never experienced before. As a result, we can’t just sit back and wait for the “DevOps fad” to fade away because it

Yahoo will be sued over the mega breach that was revealed last week. A resident of New York, Ronald Schwartz, filed the suit on Friday in a California court represented by law firms Robbins Geller Rudman as well as Dowd

Amit Ashbel, Cyber Security Evangelist, Checkmarx, explains why automated application security testing is the first step in combating cyber crime. The world is moving at an incredible pace. New technologies are regularly announced and whole ecosystems developed around them; such

Checkmarx announced availability of a new secure coding eLearning platform, called AppSec Coach, providing Checkmarx customers the ability to address one of the greatest challenges in the software industry when it comes to application security: finding an effective way to

An organization’s security isn’t the responsibility of its IT department alone. Development teams need to be vigilant too and take measures to rid their software of vulnerabilities, a requirement that Checkmarx Ltd. wants to help address with the new training

AppSec Coach Key features: AppSec Coach provides an education platform to train developers the principles of application security and secure coding. Unlike other solutions, the AppSec Coach is used in the context of the developer’s work, when it is needed

By exposing developers to security as part of the coding process, they can learn more about creating secure code and so reduce the time needed for testing. Recent research claims that a quarter of third party apps are high risk

CxSAST, Swift Programming Language Support Key features: New Swift language support, provides Checkmarx CxSAST users with the ability to identify, and mitigate security, quality and compliance issues in their Swift code. More info.     Read more on Network World here. 

Jeremy Corbyn intends to introduce a digital ‘bill of rights’ in the UK. The leader of the Labour party presented his intentions in Shoreditch as he unveiled the ‘digital democracy manifesto’, setting out proposed guarantees for citizens in the online

As demand to access company information on the move and from mobile devices increases it places extra strain on security resources. Existing web applications firewalls (WAFs) monitor traffic but don’t have an understanding of the logic of data flows and

The world’s leading information security publications have featured Pakistani security researcher, Rafay Baloch, as one of the top ethical hackers in 2014, putting the 21-year-old Karachiite on top of their lists, The Express Tribune learnt on Thursday. “Ethical hacking, which makes the

TEL AVIV, Israel, Dec 30, 2014 (BUSINESS WIRE) — Checkmarx, web and mobile Application Security Testing (AST) solutions provider, was positioned as a Leader in The Forrester Wave™: Application Security, Q4 2014. Forrester Research, Inc. invited 12 AST solution providers

It’s kind of funny and ironic that we humans are all about instant gratification, yet with information risk issues such as source code analysis, we tend to want to wait until everything’s perfect (and way more costly) before we get

It seems that 2014 was the year of data breaches in the business world. Target, Home Depot, AT&T, JP Morgan, eBay, P.F. Chang’s and other high-profile brands all fell victim to cybercriminals, compromising both the companies’ reputations and their customers’

IT managers today are faced with many tasks and not enough time to complete them all. While these individuals are primarily tasked with ensuring that their top developers efficiently write code lines, they are also often regarded as the responsible

Our use of term ‘citizen’ has evolved. It has transmogrified from its original context pertaining to: any native or naturalized member of a state or nation who owes allegiance to its government. Today then, citizen means: a consumer-level or non-specialist

Designers can take an idea and turn it into a masterpiece of user interactivity, and because of their competence in all things aesthetic and interface, they’re often asked to undergo tasks that, honestly, should not fall on their shoulders. Yet,

Checkmarx, a leading developer of static code analysis solutions which identify software security vulnerabilities, has been ranked the #1 fastest growing security company in the Israel Deloitte Technology Fast 50 for 2014 – one of Israel’s foremost technology awards. Checkmarx’s

Ron Kormanek, former Hewlett Packard executive, to serve as VP Sales, North America for Checkmarx – a Leading Application Security Solution Provider Checkmarx, a leading provider of application security solutions, today announced the appointment of Ron Kormanek as its VP

IT managers must be exhausted. After all, they are well aware of the difficulty in hiring and managing employees to create secure applications, while also focusing on feature design, implementation and testing. These are mammoth tasks that can easily drive

The interconnectedness and rapid development of mobile technology are revolutionizing the consumer market. Retailers have fully computerized mechanisms driven by complex applications to bring their products to the mobile market, which has introduced serious security flaws into the ecosystem that

Integral, a highly respected New Zealand software developer is today announcing a resell agreement with Checkmarx, a global leader in Application Security Testing solutions. “We are excited to announce the launch of this agreement between Integral and Checkmarx. The agreement

Checkmarx positioned furthest for completeness of vision in the Challengers Quadrant Checkmarx, a leader in web and mobile application security solutions, has been positioned the furthest for completeness of vision in the Challenger’s quadrant of Gartner’s 2014 Magic Quadrant for

Prestigious Award Given to Europe’s Most Promising Private Technology Ventures (April 14, 2014. Tel Aviv, Israel) – Checkmarx, a leading provider of code analysis tools that identify security vulnerabilities in web and mobile applications, is delighted to be awarded a

Amidst the sudden surge of security threats and emergence of innovative security approaches, enterprise security firms that are able to function as a catalyst in connecting the industry with the cutting-edge security solutions will dominate the market. Since an organization’s

The companies will jointly work on Application Security. (CBR) –November 14, 2013 – IT consultants Ballintrae and Checkmarx, an application security testing, have joined forces to reduce software risk. With risk high on the boardroom agenda, it is hoped that the partnership will

Provides faster and better remediation guidance within the developers’ environment Security Innovation, an authority in application security assessment and training, and Checkmarx, a leader in Application Security Testing, announce the seamless integration of TeamMentor with Checkmarx’s CxSuite Static Application Security

CloudSpokes, the leader in crowdsourced cloud development, today announced the availability of Thurgood, a new cloud-based tool to automatically analyze the build, quality and security of code. As more organizations turn to crowdsourced and outsourced developer talent, CloudSpokes’ Thurgood gives developers and

The leader in Application Security Testing solutions, Checkmarx Ltd. is today announcing a partnership with Developer Garden, the Deutsche Telekom AG (DAX; DTE) ecosystem for developers. “We are proud to announce the launch of this important and strategic partnership between

Press Release: Checkmarx – Wed, Feb 20, 2013 7:00 AM EST TEL-AVIV, Israel, February 20, 2013 /PRNewswire/ – Checkmarx is delighted to announce a new strategic partnership with the Eclipse Foundation. Recognized as a pioneer and leader in the Open Source software

Increasing Demand for Development and Testing Services Fueled Record Revenues and New Customer Growth SAN MATEO, CA–(Marketwire – Feb 7, 2013) – CloudShare, the leader in cloud services for pre-production, announced today a record fiscal 2012, achieving 3X growth in

Cenzic Inc., the leading provider of web application security intelligence to reduce security risks, announced today a strategic alliance with Checkmarx Ltd., the leading provider of Static Application Security Testing (SAST) solutions. As part of the alliance, Cenzic will offer the … Read More

October 11, 2011: Tel Aviv, Israel — Checkmarx Ltd., the leading provider of static application security testing (SAST) solutions, today announced it has completed a new round of funding led by original investor Ofer Hi-Tech (https://www.oferhitech.com) and joined by salesforce.com

Checkmarx, the leading provider of static application security testing (SAST) solutions, has been included by Dr. Joseph Feiman as one of five “Cool Vendors” in the April 2010 “Cool Vendors in Application Security, 2010” report by Gartner, Inc. on 14 April … Read More

Checkmarx, the leading provider of code analysis for security, today announced the general availability of a cloud-based security code review service. … Read More