
Post-Pandemic Responsibilities for a Modern Day CISO
It’s no secret that businesses have been moving toward digital transformation for years, but the current pandemic has accelerated this movement at a rate and scale never seen before. As Microsoft CEO Satya Nadella recently put it, “We have seen two years’ worth of digital transformation in two ...

Bringing Your Retail Application Security Strategy Up to Par
It’s no secret that retail has been in the midst of a massive digital transformation over the past few years, largely driven by emerging software and technology, as shoppers seek out new experiences, increased levels of convenience, and exciting loyalty-based perks and rewards. And due to current circumstances, this has ...

Recommendations for Friends and Family on Staying Cyber Safe While Working Remotely
The world as a whole is coming together to quell the spread of COVID-19 by limiting social interaction, and in some instances, initiating full quarantines. Schools are closed for weeks, if not longer. Organizations have initiated very strict work from home policies to keep employees safe, and many restaurants and ...

Learn How You Can Get a Running Start with DevSecOps
DevOps is an evolving philosophy, and now is the time–just as you start embracing DevOps in your organization–to start building security into both your DevOps philosophy and processes. DevOps philosophy started with the core principles of W. Edwards Deming’s points on Quality Management, binding the development of services and their ...

Shifting to DevSecOps, with Software Security Testing Built In
Many organizations today are in the process of transitioning to a DevOps-centric approach, but don’t want to leave security behind. In order to build security in from the beginning of their software development process, it’s essential to enhance your security posture by integrating application security testing solutions into the software ...

Software Security Predictions: What to Watch for in 2019
Security breaches regularly made headlines this year, while advancements in DevOps, application security testing tools, artificial intelligence, machine learning, cloud adoption, and the Internet of Things race forward. 2019 promises to be another busy year in technology and digital transformation, but what will that look like for software security? Here ...

AppSec Is Dead, but Software Security Is Alive & Well
Everyone agrees that an enterprise’s application ecosystem must be protected, especially when data breaches are reported with alarming frequency and the average total cost of a breach comes in at $3.62 million. However, defeating increasingly severe threats requires a holistic approach to security, one that places an emphasis on managing ...

Apache Struts, RCEs, and the Equifax Breach Anniversary
We just passed the one-year anniversary of Equifax’s announcement of their massive data breach due to an exploit of an Apache Struts vulnerability (CVE-2017-5638) – and incidentally, at nearly the same time that Apache announced another critical Apache Struts security flaw. The latest Apache Struts vulnerability, CVE-2018-11776, was published ...

Don’t Look Away, Peekaboo Vulnerability May Allow Hackers to Play the Long Game
The newly named Peekaboo vulnerability is a zero-day flaw in China-based Nuuo’s video recorder technology. The flaw in NVRMini2, a network-attached storage device, has remained unfixed in the three months since the vendor was alerted. This vulnerability put internet-connected CCTV cameras at risk, a grave concern for organizations using the service ...

GovPayNow Breach Demonstrates Long & Short Term Impacts of Security Slips
On Tuesday, security researcher Brian Krebs announced an issue with a service offered by Government Payment Service Inc. called GovPayNow. This service is used by U.S. state and local governments across 35 states, and it looks like it exposed 14 million customer records online. Whose records did they have, and ...