News | Checkmarx Application Security

News

Your one stop for the latest application security articles, stories, and trends. Stay on top of the news and know what’s happening, both at Checkmarx and in the industry at large.

IaC: Checkmarx Launches Static Code Analysis KICS
February 25, 2021

The open source software called Keeping Infrastructure as Code Secure looks for weaknesses in IaC. Read More

Checkmarx Unveils New Open Source IaC Scanning Engine
February 25, 2021

Software security solutions provider Checkmarx today launched a new open-source static analysis tool designed to allow developers to write more secure infrastructure-as-code (IaC). Read More

Checkmarx Debuts Keeping Infrastructure as Code Secure Solution
February 25, 2021

In an effort to better secure cloud-native apps, software security company Checkmarx has launched a new open-source static analysis solution. Read More

IoT Cybersecurity Improvement Act: A First Step in Bolstering Smart Tech Security
February 25, 2021

The IoT security bill is a step in the right direction, as it addresses one of the biggest gaps in software security overall -- generating awareness. But is it enough? Read More

Customer Data at Risk: Checkmarx Documents Critical Vulns in Apache Unomi
February 25, 2021

In view of the popularity of the platform, the Checkmarx Security Research Team recently examined the Unomi code - and identified two critical security gaps. Read More

20 Coolest Web, App, and Email Security Companies of 2021
February 23, 2021

Here’s a look at 20 web, application and email security companies that have invested in everything from safeguarding cloud applications and embedding certificates on chips to identifying software vulnerabilities. Read More

Libertarian or Orwellian: What to Make of the Vaccine Passport?
February 17, 2021

To look more deeply at the security implications of the digital vaccine passport concept, Digital Journal sought the opinion of Erez Yalon, senior director of security research at Checkmarx. Read More

How to Secure Your Dating Data This Valentine’s Day
February 14, 2021

The use of dating apps has significantly increased during the Covid-19 pandemic, but what about security and privacy? Read More

Deskpro Accounts Were Vulnerable to Hackers, Checkmarx Reveals
February 14, 2021

The successful exploitation of the discovered XSS vulnerability could have allowed attackers to hijack the sessions of admins and take over the accounts of helpdesk agents. Read More

Checkmarx: Critical Security Vulnerabilities in Remote Support Platform
February 12, 2021

Israeli company Checkmarx reveals critical security vulnerabilities found in DeskPro’s helpdesk platform. Read More

Security Researchers Discover Helpdesk Software Vulnerability
February 12, 2021

After auditing the security of Helpdesk Software solution Deskpro in accordance with the company's Responsible Disclosure Bug Bounty Program, the Checkmarx Security Research Team discovered a severe cross-site scripting (XSS) issue. Read More

Deskpro XSS Flaws Could Hijack Admin Sessions
February 11, 2021

Given the shift to remote work and the need for helpdesk software that lets remote teams collaborate, Checkmarx audited Deskpro’s security as part of the company’s bug bounty program. Read More

When it Comes to Vulnerability Triage, Ditch CVSS & Prioritize Exploitability
February 10, 2021

When it comes to software security, one of the biggest challenges facing developers today is information overload. Read More

Cloud is Native, but Security Isn’t: Shift Your AppSec Testing Approach
February 10, 2021

Cloud-native has evolved from a marketing term into a highly desirable and useful architecture choice, yielding significant benefits for designing, building, and deploying applications. But security is too often overlooked. Read More

Google Play Boots Barcode Scanner App After Ad Explosion
February 9, 2021

A barcode scanner with 10 million downloads is removed from Google Play marketplace after ad blitz hits phones. Read More

Insufficient and Rushed Patches Lead to More Zero-Day Exploits
February 5, 2021

An analysis of 24 zero-day vulnerability exploits discovered in 2020 revealed that a quarter of them appeared to be closely related derivatives of previously known exploits. Read More

Third Mutation XSS Bug Patched in Mozilla Bleach Library
February 4, 2021

Coordinated disclosure helps protect more than 100,000 dependencies. Read More

The Modern Risks of Open-Source Code
February 2, 2021

The question of whether or not open source is as secure as proprietary code has come to the fore with the uptake in usage. Read More

Cybersecurity Tools Gaining an Edge from AI
January 29, 2021

AI applied to cybersecurity can support untrusted authentication, reputational, corporate privacy, and safer remote work. Read More
