Checkmarx booth at Black Hat USA

There was tremendous interest in Checkmarx’s approach to static, interactive and open source application security solutions, along with secure coding education for developers. And, with the Verizon 2019 Data Breach Investigation Report finding that 70% of breach incidents were caused by attackers targeting vulnerable web applications containing software defects, it’s no surprise this was the case. Most conversations in the Checkmarx booth were centered specifically on how to embed security into DevOps, a hot topic and one we love to talk about. We explained that with software now ingrained everywhere and attack surfaces expanding, organizations must prioritize unifying software security and DevOps to reduce software exposure and potential vulnerabilities. Nicole Ferguson of Google Cloud shared a similar sentiment, providing a fantastic presentation on the inevitable marriage of DevOps and security, where she highlighted the overlap between DevOps’ priorities and modern infosec’s goals.

So what else was the Checkmarx team up to during Black Hat and DEF CON? Well, quite a bit.
We released new research disclosing vulnerabilities in LeapFrog’s LeapPad Ultimate…

The Checkmarx Security Research Team published its latest findings last Wednesday, discovering how cyber-attackers could hack into LeapFrog’s LeapPad Ultimate tablets. You can read more here in case you missed it, but to summarize, the LeapPad Ultimate became yet another product added to an ever-growing list of vulnerable Internet-connected devices. The Checkmarx team identified a Man-in-the-Middle vulnerability, allowing adversaries to tap into a LeapPad Ultimate’s communications to reveal an abundance of PII – ranging from children’s locations to parents’ credit card details. Thankfully, LeapFrog addressed the vulnerabilities quickly and thoroughly, but this is still a good reminder that no device is safe, regardless of whether or not it’s easily connected to the Internet.
We became cybersecurity’s next ‘Black Unicorn’…

On the company news front, we were thrilled to be named a Black Unicorn Award winner from Cyber Defense Magazine, recognizing our amazing growth trajectory in software security and potential to be a major force in the overall cybersecurity landscape. The award judges predict that Checkmarx is well-positioned to surpass a $1 billion or greater market value. The Black Unicorn award is a noteworthy recognition and a testament to our entire team’s accomplishments here at Checkmarx.
Checkmarx CEO, Emmanuel Benzaquen, holding the Black Unicorn award
We raced a few cars at our Xcelerate 2019 event…

Amidst all the news, we found time to kick back, relax, and even hop in some sports cars at the Checkmarx Xcelerate customer appreciation event. Taking place at SPEEDVEGAS, attendees did laps around the race track in their dream cars, enjoyed stellar food from Chef Stephen Hopcraft, and heard from our CTO, Maty Siman, during his presentation, Rise of the Machines, Artificial Intelligence and Security. Maty gave a comprehensive overview of the pros and cons of AI in the security space and discussed how genetic algorithmic probabilities can be used to increase attackers’ chances of success. Finally, Maty discussed how AI can learn patterns to detect repetitive vulnerabilities in code structures and how organizations can use the same techniques as well.
Porsche at Xcelerate 2019
And, last but certainly not least, we sponsored the first-ever DEF CON AppSec Village…

When Black Hat was winding down, DEF CON 27 was ramping up. Checkmarx was a Gold Sponsor of DEF CON’s inaugural AppSec Village. Founded by our own Erez Yalon, Director of Checkmarx’s Security Research Team, along with major contributions from many volunteers in the AppSec community, the AppSec Village was a phenomenal success. More than 4000 people came by to participate in the AppSec Village’s keynotes, presentations, workshops, capture-the-flag contests, and networking. We’re already looking forward to next year.
Scenes from inaugural DEF CON AppSec Village

Overall, it’s safe to say it was a great week. Thank you to our customers, partners, colleagues, and peers for another fantastic Black Hat and DEF CON, and see you all next year!