Checkmarx Fusion - Why Correlation Matters
Watch Now
AppSec Governance Best Practices
Limiting your organizational risk by implementing security solutions that developers easily adopt is key to a successful AppSec Program. This content will help you learn about Checkmarx approach to embedding security into your pipelines to streamline your secure software initiatives.
-
-
Solution Brief – Checkmarx One Application Security Platform
Read Now
-
How to Get a Pragmatic AppSec Program in Place? …at the Speed of DevOps and Agile!
In recent blog posts we discussed the need for AppSec programs and which frameworks are available to build a program. At Checkmarx we view it as the utmost importance that our customers get the...
Read Now
-
Loading, please wait
Error - something went wrong!
Thank you! Someone will be in touch soon
-
KPIs and Other Metrics for Measuring the Impact of Outsourced AppSec Testing
Deciding to outsource application security testing to a managed service provider is one step toward simplifying your AppSec testing strategy and improving the impact of test results. But simply...
Read Now
-
NPM Replicator Remote Code Execution Deserialization
NPM, the package manager for Node.js, is an open source project that serves as a critical part of the JavaScript community and helps support one of the largest developer ecosystems. According to...
Read Now
-
Correlation - Application Security Testing Imperative in Modern Application Development
Read Now
-
New Technique Used by Attackers in NPM to Avoid Detection
Checkmarx SCS team recently detected several malicious NPM packages using a new evasion technique, enhancing dependency confusion attacks to help malicious packages avoid detection. This novel...
Read Now
-
Solution Brief-FUSION-Checkmarx Correlation Engine
Read Now
-
The Case for Correlation in the World of AppSec Testing
Most developers and AppSec pros understand the value of Application Security Testing. From running security scans early during software development to running a final scan after an application...
Read Now
-
Key Considerations for Building a Proper AppSec Program for Modern Application Development
Many firms’ security efforts are focused solely on deploying technologies, applying “best practices,” and responding to a never-ending stream of security alerts and threats. As a result, security...
Read Now
-
Case-Study-Major_Streaming_Service-appsec-accelerator
Read Now
-
Banking on the Cloud - The challenges and opportunities of the cloud transition
Read Now
-
Great code is secure code: best practices for using and securing open source code
Read Now
-
GitHub RepoJacking Weakness Exploited in the Wild by Attackers
A logical flaw in GitHub allows attackers to take control over thousands of repositories, enabling the poisoning of popular open-source packages. This flaw is yet to be fixed and the steps to...
Read Now
-
Attacker Caught Hijacking Packages Using Multiple Techniques to Steal AWS Credentials
What Happened? Multiple supply chain attacks from the same attacker were reported today by s0md3v. (1) PHP package hautelook/phpass with over 2.5 million installations was hijacked using the...
Read Now
-
ESG Highlights Software Supply Chain Security
Open Source Software is an established part of modern application developmentSupply Chain Security presents challenges which Application Security Testing must addressSolutions include new...
Read Now
-
Open Source Licenses – Insights and Metrics
Every developer and organization which uses open source dependencies in their code should know what open source licenses are and what are the risks that an organization faces when using open...
Read Now
-
ESG Showcase - Comprehensive Open Source Supply Chain Security: Going Beyond SCA and SBOMs
Read Now
-
AST Platform Demo
Watch Now
-
Is Your AST Slowing You Down?
Watch Now
-
Loading More...
