bots standing AppSec DNSSEC web app security

Prioritizing Security a Challenge for Dev Teams

Security has long been seen as an afterthought in the DevOps process, and a new report from Secure Code Warrior offers a reason why. While developers say a security-led approach is important ...
Security Boulevard
Exploiting mXSS Vulnerabilities Within Mozilla-Bleach

Mutation Cross-Site Scripting (mXSS) Vulnerabilities Discovered in Mozilla-Bleach

As part of the beta testing phase that took place earlier this year for our recently launched Software Composition Analysis solution, CxSCA, the Checkmarx Security Research Team investigated Mozilla-Bleach, finding multiple concerning ...
The Road to DevSecOps: Addressing the Challenges of AppSec Awareness

The Road to DevSecOps: Addressing the Challenges of AppSec Awareness

Recently, I had an opportunity to sit down with Kurt Risley and ask him about his experiences and observations when working with organizations who desire to develop a comprehensive AppSec Awareness Program ...
AppSec Training – Necessary, but not sufficient

AppSec Training – Necessary, but not sufficient

It’s no secret that the earlier you discover security bugs in the software development life cycle (SDLC), the more time, money, and resources you will save. While making use of “reactive” security ...