Discussing AppSec Policies within DevSecOps

There’s no denying that today’s digital ecosystem must be protected. But preventing increasingly frequent and severe attacks, which often target customer data and confidential information, requires more out of your organization’s security policies. Add in the challenge of organizations being asked to develop, deliver, and deploy software faster than ever ...

RSA Conference 2020 Wrap-Up: From Software Security to SoulCycle

Another year, another RSA Conference USA in the books! From talking software security and DevOps with thousands of attendees, to launching new research and solutions, and hosting a SoulCycle fitness class for AppSec professionals, we had a blast at this year’s show and couldn’t be more grateful to all who ...
Correlating and Remediating Security Risks at Scale is Vital to DevOps

The recent industry shift towards DevOps makes it clear that organizations are adopting this development and operational model to facilitate the practice of automating software delivery and deployment. As a result, organizations are acknowledging that their traditional approaches to software security are having a difficult time adapting to this new ...

2019 – Checkmarx Research Roundup

Discovering vulnerabilities like the ones mentioned below is why the Checkmarx Security Research team performs investigations. This type of research activity is part of their ongoing efforts to drive the necessary changes in software security practices among vendors that manufacture consumer-based technologies, while bringing more security awareness amid the consumers ...
Twas the Night of the Go-Live

Twas the night of the Go-Live, and all through the team, We were nervous as ever, at least it would seem. We thought we had done, everything that was right, We were hoping it’s quick, then we’d call it a night. We had the right tools, at least we thought ...
2020 Cybersecurity Predictions – Our Experts Weigh In

2019 proved to be a hectic year in the cybersecurity landscape. With 3,813 data breaches occurring in the first six months alone (exposing over 4.1 billion records), and 12,174 new vulnerabilities discovered in commercial and open source software, this year has certainly been one for the memory books. With all ...
Injection Vulnerabilities – 20 Years and Counting

Injection vulnerabilities are among the oldest exploitable software defects, and unfortunately they are still prevalent today. A simple search on cve.mitre.org for the term injection returns over 10,852 injection-related vulnerabilities in commercial and open source software since the year 2000, and the number of injection vulnerabilities continues ...
Combating the Continuous Development of Vulnerable Software

Most people in our industry know what the acronym CVE means. For those who may not, CVE stands for Common Vulnerabilities and Exposures. According to their website, CVE was launched in 1999 as a list of common identifiers for publicly-known cybersecurity vulnerabilities found in commercial and open source software and ...
Power to the Players: 3 Tips for Gamifying Your Cybersecurity Training

It’s no secret that an increased level of training and education is both one of the biggest needs and one of the biggest shortcomings in the cybersecurity industry. Organizations are falling victim to cyberattacks more frequently than ever before, and the ramifications are only getting worse. According to IBM Security’s and Ponemon Institute’s ...
Kotlin Guide: Why We Need Mobile Application Secure Coding Practices

October is the annual National Cybersecurity Awareness Month (NCSAM), which is promoted by the U.S. Department of Homeland Security and the National Initiative for Cybersecurity Careers and Studies (NICCS). According to the NICCS, “Held every October, NCSAM is a collaborative effort between government and industry to raise awareness about the ...