News -


Your one stop for the latest application security articles, stories, and trends, all in one place. Stay on top of the news, and know what’s happening—both at Checkmarx and in the industry at large.


5 Ways to Create a Secure Software Development Life Cycle (sSDLC)
June 5, 2016

Enterprise level software needs a tightly bound software development life cycle (SDLC) to ensure deployed applications follow business requirements and stay bug-free. In the Hollywood blockbuster version of this high-stakes... Read More

Easy and Cost-Effective Secure App Development
June 4, 2016

Every year, we see a considerable increase in the number and severity of cybersecurity incidents from which companies suffer major financial losses, harm to their reputation, and irreparable damage to their customers. In 2015 alone, cybercriminals raked in billions of dollars from data breaches, as well as account information for... Read More

Hacking: The Case for Prevention Rather Than Cure
June 2, 2016

When the movie Sneakers came out in 1992, hacking wasn't considered a real threat; it was almost something cool that really clever kids did just to prove they could.  More than two decades later, hacking has taken on a far more sinister tone and become a much more profitable profession.... Read More

The OSI model, your security, and giving special consideration to the application layer
June 2, 2016

There’s a certain poignant disappointment that occurs when your expectations do not align with reality. Especially when your expectations are both reasonable and logical. Take the topic of securing an... Read More

How to Integrate Application Security Testing Into the Agile Development Process
June 2, 2016

Testing and rooting out bugs are integral parts of any successful application development process. Most prominent software development standards, including the popular Agile method, include provisions for making sure the end-product... Read More

The Internet of Things will only ever be as secure as its application
June 1, 2016

The pace at which the Internet of Things (IoT) is entering our homes and workplaces is phenomenal. This proliferation brings lots of potential benefits to users but it also presents... Read More

Why websites are so vulnerable to hackers
May 31, 2016

Hackers just can’t get enough of hacking websites. Malicious actors break into them to upload infected copies of operating systems or distribute malware. Fraudsters use website vulnerabilities to steal sensitive credentials and financial info. The feds take them over to track down child porn consumers. Hacktivists take them down to... Read More

Update: 117 million LinkedIn email credentials found for sale on the dark web
May 26, 2016

The 2012 LinkedIn data breach may be the breach that just keeps on giving with the news that 117 million customer email credentials originating from that hack were found for... Read More

By the numbers: Cyber attack costs compared
May 24, 2016

Data breaches caused by malicious insiders and malicious code can take as long 50 days or more to fix, according to Ponemon Institute's 2015 Cost of Cyber Crime Study. While malware, viruses, worms, trojans, and botnets take only an estimated 2-5 days to fix. Unsurprisingly, attacks by malicious insiders are... Read More

Crowdsource your security knowledge: A simple guide to OWASP Top 10
May 20, 2016

Over the past two years, the Internet has seen some of the biggest, most devastating data breaches in history. With each attack, millions of personal identifiable information records are stolen,... Read More

Hacker looks to sell 117M LinkedIn passwords from 2012 data breach
May 19, 2016

LinkedIn says that it is moving quickly to deal with the release of data from a 2012 security breach, which could include 117 million passwords. A hacker is reportedly looking... Read More

Tools, skills and budgets can help developers fight rise in Web app cyber attacks
May 18, 2016

Checkmarx announced that three recent reports highlight the challenge faced by developers in securing code as attacks against web applications increase, while security budgets for developers remain low. As highlighted... Read More

Click-fraud botnet infects 900K to earn money via Google AdSense
May 17, 2016

A click-fraud botnet dubbed “Redirector.Paco Trojan” has infected 900,000 IPs worldwide and has the ability to reconfigure browser settings and network communications. The malware is spread via installers that are... Read More

Security Pros Concerned About Facebook Payment Expansion
May 1, 2016

Facebook's Messenger app has allowed users to send money to friends using their debit cards since last spring, but recent reports indicate that Facebook may be considering a move into the retail payments space as well, following in the tracks of Apple, Samsung and Google. Facebook will need to be... Read More

Static Code Analysis Tools for Bulletproof Software Security
March 30, 2016

Software security is no longer just anti-virus and firewalls. The cloud today offers plenty of excellent options for software developers to increase user reach and availability, yet while these options are beneficial for marketing and revenue, they create many more possibilities for security holes. Manual security reviews are useful, but... Read More

Here Are Israel’s 15 Top-Funded Startups
February 22, 2016

Our country-by-country analysis of the top funded startups continues with the latest installment – Israel. One of the most impressive aspects of Israel’s startup ecosystem is the innate need to build products that have a global appeal. Israeli entrepreneurs are limited by the small domestic market – with only 8 million... Read More

15 Israeli Startups to Watch in 2016
January 21, 2016

From creating instant messaging technology and Waze to inventing drip irrigation and water desalination solutions, Israel has become a global tech leader. This year, investors have been flocking to Israel from New York, China and all over the world in order to find opportunities, as Israeli entrepreneurs continue to raise... Read More

Could smart toys put your child’s security at risk?
December 23, 2015

With Christmas just around the corner, parents everywhere have been hunting for this season’s hottest toys. One of the biggest trends for kids – as if it were any surprise... Read More

Is there such a thing as secure code?
December 8, 2015

One of the "million dollar questions" in the information security industry is whether or not a way even exists to write secure code. And, as it turns out, there's no real consensus on one true answer. Some believe that with convenient tools for developers, there is a chance for the... Read More

Hacking is a business – and business is good
December 6, 2015

Parents freaked out when hackers stole millions of records from VTech, a Hong Kong-based toy maker. Because the records included information on at least 200,000 children, those mothers and fathers were probably more worried about kidnappings and child pornography than financial mischief. But hacks like the attack on VTech are... Read More

Skip to content