Exploiting mXSS Vulnerabilities Within Mozilla-Bleach

Mutation Cross-Site Scripting (mXSS) Vulnerabilities Discovered in Mozilla-Bleach

As part of the beta testing phase that took place earlier this year for our recently launched Software Composition Analysis solution, CxSCA, the Checkmarx Security Research Team investigated Mozilla-Bleach, finding multiple concerning ...
The Road to DevSecOps: Addressing the Challenges of AppSec Awareness

The Road to DevSecOps: Addressing the Challenges of AppSec Awareness

Recently, I had an opportunity to sit down with Kurt Risley and ask him about his experiences and observations when working with organizations who desire to develop a comprehensive AppSec Awareness Program ...
Deliver Secure Software from Home: Checkmarx Offers Free 45-Day Codebashing Trial

Deliver Secure Software from Home: Checkmarx Offers Free 45-Day Codebashing Trial

For the past few weeks and the foreseeable future, COVID-19 has forced organizations around the world to adopt work from home models. This can be a difficult transition, impacting productivity, workflows, and ...
Power to the Players: 3 Tips for Gamifying Your Cybersecurity Training

Power to the Players: 3 Tips for Gamifying Your Cybersecurity Training

It’s no hidden secret that an increased level of training and education is both one of the biggest needs and shortcomings in the cybersecurity industry. Organizations are falling victim to cyberattacks more ...
AppSec Training – Necessary, but not sufficient

AppSec Training – Necessary, but not sufficient

It’s no secret that the earlier you discover security bugs in the software development life cycle (SDLC), the more time, money, and resources you will save. While making use of “reactive” security ...