News | Checkmarx Application Security

Checkmarx.com

News

Your one stop for the latest application security articles, stories, and trends. Stay on top of the news and know what’s happening, both at Checkmarx and in the industry at large.

News

Predictions 2018: How DevOps, AI Will Impact Security
December 14, 2017

Amit Ashbel, Director of Product Marketing and Cyber Security Evangelist, Checkmarx:  Here’s what’s next for DevOps.  “DevOps is still maturing, and while many organizations are shifting to DevOps, many are still in the process and not there yet. That said, the DevOps movement will continue to grow and increase its scope to cover... Read More

Infosec expert viewpoint: DevOps security
November 27, 2017

In talking to companies all over the U.S, it is almost unanimous that DevOps is here to stay. DevOps modernizes the software development life cycle and deployment to account for the way businesses are run. I would say 90-95% of enterprise companies have some sort of DevOps initiative and are... Read More

Share the Cost of Secure Application Development
November 22, 2017

The cost of protecting applications from cyberattacks is climbing fast. So, it's time for business units to help cover the pricetag. The 2017 Ponemon Institute study reaffirms that while this year has seen more hacks and breaches than 2016, organizations are actually spending less money per breach. But the climbing security stocks... Read More

The Best Way for Dev and Ops to Collaborate
November 9, 2017

The DevOps culture removes the barriers between departments, and especially among those most deeply involved in DevOps; that is, the operations teams and developers. Historically, there has been a culture... Read More

How Checkmarx Is Helping Developers Improve Mobile Security Skills
October 26, 2017

Checkmarx has launched new mobile security courses for developers. The interactive courses include secure coding for Android Java, Android Kotlin, iOS Objective C, and iOS Swift. There are 9 free courses which... Read More

Checkmarx 2018 Predictions: DevOps is Here to Stay
October 23, 2017

One of the biggest areas for application security in 2018 is how it fits within a true DevOps environment. In my discussions with some of the largest organizations in the world there seems to be one common theme, and that is the movement to a true DevOps program. DevOps is a hot... Read More

Checkmarx Expands Codebashing Developer Application Security Training With New Interactive Mobile Security Courses
October 17, 2017

The importance of integrating security tests in the software development life cycle is commonly discussed and widely agreed upon, yet getting developers to write secure code to begin with is... Read More

ShiftLeft’s new cybersecurity platform customizes itself for every workload
October 11, 2017

Thanks to sophisticated development tools and practices that have emerged in recent years, application teams are producing code faster than ever. The downside is that the shorter release cycles become, the... Read More

Cloud-native apps push static code analysis tools to the limit
September 27, 2017

Matt Rose is the global director of application security strategy at Checkmarx, an organization that provides static code analysis tools that play a key role in the secure software testing... Read More

Pumpkin-Spiced Cybersecurity: October Is National Cyber Security Awareness Month
September 27, 2017

Cyberattacks, including global ransomware attacks, massive data breaches, and distributed denial-of-service attacks have recently dominated the headlines, saturating consumers’ news intake with stories about cybersecurity threats. These repeated reminders of... Read More

A bug fix always beats a round of risk assessments
September 26, 2017

“Many organizations have an effective process for identifying problems, but no process for remediation,” said Matt Rose, the global director of application security strategy at Checkmarx. “Organizations do a lot... Read More

CloudBees, partners add Jenkins services, security
September 25, 2017

For its part, Checkmarx, an application security software company, introduced a new release of its Interactive Application Security Testing product, CxIAST. The product enables continuous application security testing in real time, so software delivery schedules are not affected by security testing. Click here to continue reading Read More

Containers and microservices complicate cloud-native security
September 13, 2017

But not every data breach can be blamed on an end user, which is why developers must be vigilant when it comes to cloud-native security. According to Matt Rose, global director of application security strategy at Checkmarx, it's commonplace for his software company's static code analysis tools to identify places... Read More

Jenkins World 2017 Highlights the Growing Ubiquity of Continuous Integration
August 31, 2017

Matt Rose, global director of application security strategy at Checkmarx, said that Jenkins is the bellwether for the CI/CD world. “Most of our customers are using Jenkins in some way.... Read More

Gigster receives $20M in funding, Checkmarx’s DevSecOps platform, and Okta’s two-factor authentication — SD Times news digest: August 30, 2017
August 30, 2017

At Jenkins World 2017, Checkmarx announced its new Interactive Application Security Testing solution, CxIAST, which gives teams continuous application security testing in real time, with zero scan time, accuracy and... Read More

Mobile data theft a risk from shared app libraries
August 16, 2017

Matthew Rose, ‎global director of application security strategy at Checkmarx, an application security software vendor headquartered in Israel, said there were a number of ways a shared library might be... Read More

Alert: Avoid These Security Cameras Like the Plague
August 3, 2017

The Loftek CXS-2200 and VStarcam C7837WIP, which look nearly identical, contained more than a dozen vulnerabilities between them, many of which would let an attacker take over the camera from the internet. "The vulnerabilities just kept on coming," the report notes. "A malicious user can exploit your device to track... Read More

Two IP-enabled cameras full of flaws
August 3, 2017

Checkmarx researchers said a pair of IP-enabled security cameras have nearly two dozen flaws that would make them vulnerable to attack. Loftek DSS-2200 and VStarcam C7837WIP, manufactured in China and aimed at the consumer market, also can be pressed into service as botnets to execute distributed denial of service (DDoS)... Read More

Two Popular IP Cameras Riddled With Vulnerabilities
August 3, 2017

Two consumer-grade IP-enabled security cameras manufactured by Loftek and VStartcam are riddled with nearly two dozen vulnerabilities that expose them to remote attacks. According to researchers, more than 1.3 million of the cameras are in use today, with 200,000 models located in the United States. Based on a report released... Read More

Remotely Exploitable Flaws Found in Popular IP Cameras
August 2, 2017

Checkmarx researchers have analyzed a couple of IP cameras from Loftek and VStarcam and discovered several new vulnerabilities and variations of previously found flaws. In Loftek’s CXS 2200 camera, experts discovered cross-site request forgery (CSRF) flaws that can be exploited to add new admin users, server-side request forgery (SSRF) flaws... Read More

Skip to content