Checkmarx Blog
Find it all here - expert insights, opinionated views and more
April 11, 2025
Secret Sprawl: The Silent Threat to Enterprise Security