Your one stop for the latest application security articles, stories, and trends, all in one place. Stay on top of the news, and know what’s happening—both at Checkmarx and in the industry at large.
One of the biggest areas for application security in 2018 is how it fits within a true DevOps environment. In my discussions with some of the largest organizations in the world there seems to be one common theme, and that is the movement to a true DevOps program. DevOps is a hot... Read More
The importance of integrating security tests in the software development life cycle is commonly discussed and widely agreed upon, yet getting developers to write secure code to begin with is... Read More
Thanks to sophisticated development tools and practices that have emerged in recent years, application teams are producing code faster than ever. The downside is that the shorter release cycles become, the... Read More
Matt Rose is the global director of application security strategy at Checkmarx, an organization that provides static code analysis tools that play a key role in the secure software testing... Read More
Cyberattacks, including global ransomware attacks, massive data breaches, and distributed denial-of-service attacks have recently dominated the headlines, saturating consumers’ news intake with stories about cybersecurity threats. These repeated reminders of... Read More
“Many organizations have an effective process for identifying problems, but no process for remediation,” said Matt Rose, the global director of application security strategy at Checkmarx. “Organizations do a lot... Read More
For its part, Checkmarx, an application security software company, introduced a new release of its Interactive Application Security Testing product, CxIAST. The product enables continuous application security testing in real time, so software delivery schedules are not affected by security testing. Click here to continue reading Read More
But not every data breach can be blamed on an end user, which is why developers must be vigilant when it comes to cloud-native security. According to Matt Rose, global director of application security strategy at Checkmarx, it's commonplace for his software company's static code analysis tools to identify places... Read More
Matt Rose, global director of application security strategy at Checkmarx, said that Jenkins is the bellwether for the CI/CD world. “Most of our customers are using Jenkins in some way.... Read More
At Jenkins World 2017, Checkmarx announced its new Interactive Application Security Testing solution, CxIAST, which gives teams continuous application security testing in real time, with zero scan time, accuracy and... Read More
Matthew Rose, global director of application security strategy at Checkmarx, an application security software vendor headquartered in Israel, said there were a number of ways a shared library might be... Read More
The Loftek CXS-2200 and VStarcam C7837WIP, which look nearly identical, contained more than a dozen vulnerabilities between them, many of which would let an attacker take over the camera from the internet. "The vulnerabilities just kept on coming," the report notes. "A malicious user can exploit your device to track... Read More
Checkmarx researchers said a pair of IP-enabled security cameras have nearly two dozen flaws that would make them vulnerable to attack. Loftek DSS-2200 and VStarcam C7837WIP, manufactured in China and aimed at the consumer market, also can be pressed into service as botnets to execute distributed denial of service (DDoS)... Read More
Two consumer-grade IP-enabled security cameras manufactured by Loftek and VStartcam are riddled with nearly two dozen vulnerabilities that expose them to remote attacks. According to researchers, more than 1.3 million of the cameras are in use today, with 200,000 models located in the United States. Based on a report released... Read More
Checkmarx researchers have analyzed a couple of IP cameras from Loftek and VStarcam and discovered several new vulnerabilities and variations of previously found flaws. In Loftek’s CXS 2200 camera, experts discovered cross-site request forgery (CSRF) flaws that can be exploited to add new admin users, server-side request forgery (SSRF) flaws... Read More
Today’s cyber landscape leaves no room for mistakes when it comes to the security of software and applications. Enterprises are well aware of the harsh consequences of a cyberattack. Moreover, with end users expecting software vendors to deliver cutting edge software at the speed of light, enterprises find themselves constantly... Read More
Application security testing company Checkmarx has now acquired the somewhat aggressively named Codebashing, a company that specializes in game-like application security education and training for software application developers. Read the full article on Forbes Read More
Checkmarx has acquired Codebashing, an application security education company that delivers Game-like AppSec Training for Developers. Traditional secure coding education is ineffective and cannot scale to deliver continuous and across the board secure coding knowledge. Long training courses disrupt the developer’s daily routine and don't address the specific challenge as... Read More
Through Acquisition, Checkmarx will Provide Interactive Tools to Further Developer Application Security Knowledge and Deliver Secure Applications Even Faster. Checkmarx, a global leader in application security testing solutions, today announced its acquisition of Codebashing, a leading application security education company that delivers Game-like AppSec Training for Developers. Read the full article... Read More
Checkmarx announced the acquisition of Codebashing, an application security education company that delivers Game-like AppSec Training for Developers. By shifting security left and empowering developers to deliver secure applications, this acquisition allows Checkmarx to introduce continuous, in-context, bite sized secure coding training. Effective training allows enterprises to grow their in-house... Read More
Industry
©2021 Checkmarx Ltd. All Rights Reserved. iISO/IEC 27001:2013 Certified
