Kotlin Guide: Why We Need Mobile Application Secure Coding Practices

Kotlin Guide: Why We Need Mobile Application Secure Coding Practices

October is the annual National Cybersecurity Awareness Month (NCSAM), which is promoted by the U.S. Department of Homeland Security and the National Initiative for Cybersecurity Careers and Studies (NICCS). According to the NICCS, “Held every October, NCSAM is a collaborative effort between government and industry to raise awareness about the ... Read More
Why Software Security and DevOps Were the Talk of the Town at Black Hat and DEF CON 2019

Why Software Security and DevOps Were the Talk of the Town at Black Hat and DEF CON 2019

In the wake of Black Hat 2019 and DEF CON 27, there is no doubt that the cybersecurity industry is growing beyond anyone’s expectations. The sheer number of sponsors and attendees who descended upon Las Vegas last week from all parts of the world ranged in the tens of thousands, ... Read More
Training Exposure: Addressing Secure Coding Education in Your Software Security Program

Training Exposure: Addressing Secure Coding Education in Your Software Security Program

According to the Verizon 2019 Data Breach Investigation Report, 69 percent of the data breaches investigated by Verizon were perpetrated by outsiders, 63 percent were the result of attackers targeting server assets, and nearly 70 percent of breach incidents were caused by attackers targeting vulnerable web applications. Undoubtedly, there is ... Read More
Adoption Exposure: Your Software Security Needs Integration and Automation

Adoption Exposure: Your Software Security Needs Integration and Automation

There are many software security solutions available today designed to provide insight into important security issues found during software development. As organizations begin moving forward with DevOps initiatives, are their current Application Security Testing (AST) solutions doing the work they need them to accomplish? If you haven’t integrated AST automatically ... Read More
One Common Theme – One Common Goal

One Common Theme – One Common Goal

On the heels of the RSA Asia Pacific and Japan conference that took place last week, there was one common theme that Checkmarx captured while speaking with visitors at their stand—imbedding security throughout an organizations’ DevOps ecosystem is viewed as a difficult barrier to overcome. Visitors to our booth who ... Read More
Code Exposure: The Vulnerabilities in Your Code & Where They Originate

Code Exposure: The Vulnerabilities in Your Code & Where They Originate

Code Exposure: The Vulnerabilities in Your Code & Where They Originate Typical software applications are comprised of two types of code: custom code created by your internal development teams, and third-party code – often open source – created outside the organization. Until about 10 to 15 years ago, almost all ... Read More
A New EU Cybersecurity Regulation and Why It’s Important

A New EU Cybersecurity Regulation and Why It’s Important

On the heels of GDPR and what it meant to the rest of the world outside of the EU, another EU cybersecurity regulation is on the horizon. Most organizations remember the effort taken to meet GDPR compliance irrespective of where they were headquartered or operated their business. The new EU ... Read More
Demystifying the myth of an AppSec silver bullet

Demystifying the myth of an AppSec silver bullet

Can a single approach to application security solve all of your problems? Relying on a single testing solution to protect your applications is essentially like trying to protect your house from burglars, with a single alarm. Now imagine the house is packed with highly-valuable possessions and is located in a ... Read More
Vulnerable Software – The Gift that Keeps on Giving

Vulnerable Software – The Gift that Keeps on Giving

Concerning the latest data breaches on record, this past May was rather noteworthy. A host of organizations from around the world announced in fact, that they had experienced a data breach. From online retailers, travel booking sites, and high-tech startups, to social sharing sites, healthcare billing firms, and even title ... Read More