Application Security Testing
Application Security: Turbulence Often Leads to Transformation
Most security and risk (S&R) professionals in our industry have heard of Top 10 Lists. For example, OWASP and their community of contributors have expanded their Top 10 security projects to include ...
On the Road to DevSecOps: Security and Privacy Controls per NIST SP 800-53
This past March, the National Institute of Standards and Technology (NIST) released the NIST Special Publication 800-53, Revision 5, which was their final public draft revision. According to the abstract, “This publication ...
Integrating Checkmarx Security Results within GitLab
The automation and integration of Application Security Testing (AST) is essential for building out a true DevSecOps program. Automation is the easy part. Invoke a security scanner’s REST API or a command ...
Privilege Escalation on Meetup.com Enabled Redirection of Payments
The Checkmarx Security Research Team recently audited the security of several high-profile websites, including Meetup.com. For those who are not familiar with Meetup.com, it allows users to create an event where people ...
On the Road to DevSecOps: Securing the Software Driving Mobility
The automotive industry is experiencing radical change—and software is the catalyst. Progressively more software, increasingly intelligent components, and new methods of interaction are finding their way into automobiles of all sizes and ...
AppSec, the developer way: Transforming security from a “dirty word” to a common practice
In a world where one data breach is all it takes to destroy a business, only the prepared and vigilant ones that embrace security in their operations can prevent disaster. Yet, if ...
Solidity Top 10 Common Issues
In 2018, we performed our initial research about the current state of security in the context of Smart Contracts, focusing on those written in Solidity, “a contract-oriented, high-level language for implementing smart ...
Checkmarx Named a Leader in the 2020 Gartner Magic Quadrant for Application Security Testing
Today marks the much-anticipated release of the 2020 Gartner Magic Quadrant for Application Security Testing (AST)*, and we’re thrilled to announce that Checkmarx has been named a Leader for the third consecutive ...
Kudos to the Unsung Heroes in our Current Times: Software Developers
As the world duly salutes our front-line medical professionals, first responders, military and police, factory workers, delivery drivers, construction teams, repair technicians, store clerks, farmers, truckers, pharmacists, cooks, and millions of other ...
Why “Shift Left” in DevOps is really “Shift Center”
In an industry full of acronyms and buzz words, the term “shift left” surfaced as a result of organizations waiting to perform software security testing until the end of the development process ...

