Nick V

Category //

Nick V

Cloud-Based Dev Teams: Shift Security Left

Cloud-based managed services as well as IaC practices are increasingly popular among application developers for the efficiencies they create. But if dev teams are not careful, experts warn, they could be maliciously exploited.

Read More »

Israel’s Top 10 Hi-Tech Exits of 2020

Israel’s hi-tech environment didn’t stop in 2020. Despite the effects of the pandemic through all layers of society, the Start-Up Nation barely missed a beat. Israeli IPOs and acquisition deals of technology firms soared 55% to a whopping $15.4 billion in

Read More »

Everyone Needs to Smarten Up On Smart Technology

While any bipartisan bill is likely to generate varying viewpoints, this is one that should be applauded, considering the biggest gap in addressing IoT security is lack of awareness. But is it really enough to generate industrywide change?

Read More »

Threats in Meetup Group Chat

The online portal Meetup.com is very popular – and is also used during the corona pandemic to organize personal or virtual meetings, to find like-minded people and to chat. Until recently, however, this was not without risk.

Read More »

10 Ways AI Is Accelerating DevOps

Maty Siman, CTO at Checkmarx says that “assuming that your developers are writing quality, secure code, machine learning can set a baseline of “normal activity” and identify and flag anomalies from that baseline.”

Read More »

7 IoT Tips for Home Users

Whether for business or pleasure, you’re on your own once you walk into the house with a new Internet of Things device. Checkmarx’s head of security research Erez Yalon weighs in on how to keep everyone secure.

Read More »

The 3 deadly sins of insecure programming

Over time, experienced security professionals see the same programming mistakes occur over and over again. In application security, these are usually found either in the design of the software or in the way that this design is implemented—in how the

Read More »

The price we pay for convenience may be too high

Amazon experienced yet another successful holiday season, and the Echo Dot was the top-selling item on its website for the third consecutive year. As Alexa continues to make its way into millions of households worldwide, users should proceed with caution when

Read More »

Checkmarx Enhances Software Exposure Platform

Checkmarx unveiled major advancements to accelerate adoption of the most comprehensive, unified software security solution on the market. As the application layer increasingly is the source of successful attacks, risks are amplified as organizations move to agile development and DevOps

Read More »

Security Matters When It Comes to Mergers & Acquisitions

Software security issues aren’t going away anytime soon, as proven by the recently disclosed colossal breach at Marriott. Sure, we could rehash the typical post-mortem responses such as securing the software development life cycle, shifting left, DevSecOps, or other industry

Read More »

Checkmarx 2019 Predictions: DevSecOps Takes Center Stage

2018 was a banner year for software technologists, with advancements in artificial intelligence and machine learning, and the Internet of Things advancing at a rapid pace. Security breaches continued to make regular headlines, with serious attacks most often targeting the

Read More »

Germans do not care enough about cybersecurity

Cyber ​​security is neglected in Germany. All participants of the discussion forum “Cyber ​​relations between Israel and Germany” are in agreement this morning in the conference room of the Israeli software company Checkmarx. (German)

Read More »

How to Become a DevSecOps Engineer

One of the most important roles within DevOps, however, is the Security Engineer or DevSecOps Engineer. This deeply rewarding career requires a specific technical skill set, current knowledge of cybersecurity trends and a decent amount of experience.

Read More »

Security 2019 Predictions (Part 7)

Given the speed with which technology is evolving, we thought it would be interesting to get IT professionals predictions about what’s going to happen on the security front in 2019. Here’s more of what they told us:

Read More »

Navigation Apps May Be Following You

As holiday travelers hit the road, Checkmarx outlines vulnerabilities in navigation apps from GPS companies Garmin and TomTom. ‘Tis the season to be … traveling. AAA estimated that this past Thanksgiving holiday would be the biggest on the country’s highways and

Read More »

Cloud 2019 Predictions (Part 5)

The diversity of cloud options, and adoption, make integration and security key. Given the speed with which technology is evolving, we thought it would be interesting to ask IT executives to share their predictions about what they see on the horizon

Read More »

AI/ML 2019 Predictions (Part 5)

2019 will be the year of the data engineer. Given the speed with which technology evolves, we thought it would be interesting to ask IT executives to share their predictions for the coming year. Here are more of their thoughts

Read More »

Open Source 2019 Predictions (Part 2)

Open source gains validity across industries as more integrate it into their stacks. Given the speed with which technology is evolving, we thought it would be interesting to ask IT executives to share their predictions for 2019. Here’s what they

Read More »

Microservices 2018 Surprises and 2019 Predictions

Microservices will see continued growth in adoption as enterprises determine where they are most appropriate. Given the rate with which technology is changing, we thought it would be interesting to ask IT executives to share their thoughts on the biggest

Read More »

Top security tips revealed by industry experts

Tech professionals and executives share their top security tips for work–and home. Regardless of your career, when you work with technology you’re usually inundated with security risks and threats, many of which are tough to keep up with.

Read More »

Custodians of Software Quality

Clean up your act and your software with these principles. Achieving predictability of quality is very important for successful software releases. Achieving a high quality of projects/products is the ultimate goal for everyone.

Read More »

Top application security tools for 2019

Checking for security flaws in your applications is essential. These tools can help find and fix them. The 2018 Verizon Data Breach Investigations Report says most hacks still happen through breaches of web applications. For this reason, testing and securing applications has become a priority

Read More »

Checkmarx Announces Acquisition of Custodela

Checkmarx recently announced the acquisition of Custodela — a company that provides software security program development as well as consulting services focused on DevSecOps. This acquisition will allow Checkmarx to assist CIOs and CISOs in speeding up the maturity of

Read More »

Checkmarx Acquires Custodela

Checkmarx has acquired Custodela, an Ontario-based provider of software security program development and consulting services focused on DevSecOps. The acquisition positions Checkmarx to empower CIOs and CISOs in accelerating the maturity of their DevSecOps programs with expert services for software security

Read More »

Checkmarx Acquires Custodela

The purchase adds DevSecOps capabilities to a software exposure platform. Checkmarx has announced the acquisition of Custodela in a deal that will bring DevSecOps integration to the Checkmarx platform.

Read More »

How Security Can Enable Digital Transformation

Digital transformation can mean many different things to a variety of business leaders. But at its core, it is the process of integrating digital technologies into business practice. Organizations embark on a digital transformation journey for more efficiency, increased cost savings,

Read More »

AppSec Is Dead, but Software Security Is Alive & Well

Application security must be re-envisioned to support software security. It’s time to shake up your processes. There’s no denying that an enterprise’s application ecosystem must be protected, especially when the average total cost of a breach comes in at $3.62 million.

Read More »

Addressing Software Exposure Within the DevOps Cycle

There once was a time in software development where developers could design, build and then think about their software’s security. However in today’s highly connected, API-driven application environment, this approach is simply too risky as it exposes the software to

Read More »

Turning an Echo Into a Spy Device Only Took Some Clever Coding

IT’S IMPORTANT NOT to overstate the security risks of the Amazon Echo and other so-called smart speakers. They’re useful, fun, and generally have well thought-out privacy protections. Then again, putting a mic in your home naturally invites questions over whether it can be used for eavesdropping—which

Read More »

New Skill Let Amazon Alexa Spy on Users

As a proof of concept, researchers from Israel-based application-security firm Checkmarx wrote a malicious “skill,” or Alexa functions, that managed to turn an Amazon Echo Dot into a full-fledged eavesdropping device that recorded dialogue indefinitely and sent transcriptions of human speech to a third-party

Read More »

Researchers Hacked Amazon’s Alexa to Spy On Users, Again

A malicious proof-of-concept Amazon Echo Skill shows how attackers can abuse the Alexa virtual assistant to eavesdrop on consumers with smart devices – and automatically transcribe every word said. Checkmarx researchers told Threatpost that they created a proof-of-concept Alexa Skill

Read More »

Alexa Turned Spy, Able to Snoop on Users

Amazon put a quick stop to an issue in Alexa’s skill set after Chexmarx researchers reported that her skill set could be expanded to listen in on users not just some of the time but all of the time. According to a Checkmarx research

Read More »

Researchers say they tricked Alexa into spying on them

Researchers at security firm Checkmarx say they built a proof-of-concept skill for Amazon’s Echo devices that in theory could have voice assistant Alexa listen to, transcribe, and report what users said after they thought they had finished using a legitimate service. They

Read More »

Amazon’s Alexa had a slight eavesdropping flaw

Researchers at the security firm CheckMarx discovered a security flaw in Amazon’s Alexa voice enabled digital personal assistant that could have been used to eavesdrop and transcribe any ambient conversation. But, there are caveats: The flaw requires a user to not

Read More »

Tinder Flaw Lets Anyone Snoop on Your Swipes

Israeli security firm Checkmarx released a report on the subject, entitled “Are You on Tinder? Someone May Be Watching You Swipe.” The paper covers two distinct and potentially troubling flaws. The first takes advantage of unsecured Tinder protocols; the second

Read More »

Tinder flaw could expose your swipes to snoops

There’s a basic security measure missing from Tinder’s mobile dating app. And it could let prying eyes see your potential matches, along with whether you swiped left or right, a security firm has found. The issue was discovered by researchers at the security

Read More »
Skip to content