Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

TECH DIGITAL RESOURCE LIBRARY

Checkmarx

Checkmarx is the global leader in software security solutions for modern enterprise software development. Checkmarx delivers the industry's most comprehensive Software Security Platform that unifies with DevOps and provides static and interactive application security testing, software composition analysis, and developer AppSec awareness and training programs to reduce and remediate risk from software vulnerabilities. Checkmarx is trusted by more than 40 of the Fortune 100 companies and half of the Fortune 50, including leading organizations such as SAP, Samsung, and Salesforce.com.

Our Website: http://www.checkmarx.com/


Latest Content From Checkmarx

E-Book: A Quick Intro to Go Language Security Topics

by CheckmarxFeb 17, 2021

Are you new to the Go language (Golang), or are you an old-schooler who just wants a single resource highlighting all the security advantages of Go? You've come to the right place!

To help you quickly increase your knowledge of Go security in general, we've compiled this short summary of security topics you should be aware of when using Go. If you're ready to learn more... Let's Go!

This is a summary of the extended work found in The Go Language Guide — Web Application Secure Coding Practices.


Whitepaper: The Application Security Testing Imperative

by CheckmarxFeb 17, 2021

This paper provides practical guidance for CISOs, CIOs, and DevOps leaders for designing an effective application security program to secure modern application development via an integrated approach. The paper also aims to equip application security practitioners with research data to support building the business case for AST investments.

In this White Paper, readers will learn:

  • The Implications of Deadline-driven Decisions
  • The Open Source Software Dilemma
  • Demystifying DevSecOps
  • Critical Success Factors for an Effective AST Program
  • Requirements for an Integrated Approach to AST
  • The Bigger Truth


E-Book: Nucleus Research: European Financial Services Institution ROI Case Study

by CheckmarxFeb 17, 2021

One of the largest European financial services institutions did not have a solution to address security vulnerabilities in their custom code. Falling under strict legal and industry standards for security and compliance, the organization considered manual approaches to address the security challenges they faced. However, they quickly realized they needed an integrated and automated way of improving the security of their custom code and looked to Checkmarx to remedy their situation.

As a result, the organization realized a 393 percent ROI and will recover its initial investment in less than five months after implementation.

This report takes a deep dive into how once Checkmarx Codebashing and SAST solutions were implemented, the organization realized a wide range of benefits including:

  • Increased employee productivity
  • Savings from reduced vulnerabilities
  • Scalability in growing environment


E-Book: Open Source Security: The Ultimate Guide to Software Composition Analysis

by CheckmarxFeb 17, 2021

Open source software has facilitated the rapid evolution of application development and shortened development cycles. As with any new advancement in technology, there can be risks associated with open source components which organizations must identify, prioritize, and address. Security vulnerabilities can leave sensitive data exposed to a breach, complex license requirements can jeopardize your intellectual property, and outdated open source libraries can place unnecessary support and maintenance burdens on your development teams.

Today, organizations need deep insight into open source security vulnerabilities affecting their software, with risk severity metrics, detailed vulnerability descriptions, and remediation guidance to mitigate the risk of exploitation.

This eBook is designed to help organizations, management teams, security practitioners, and developers understand Software Composition Analysis (SCA) in depth.


Research Report: Top 10 Security Technology Trends to Watch, 2020

by CheckmarxNov 19, 2020

Application security tools' integration with the CI/CD pipeline is No. 1 of the top 10 security technology trends Forrester expects will shape the security technology landscape in 2020.

Read this report to learn:

  • How integration and automation of application security testing mitigates process gaps;
  • What you should do about it now; and
  • The other top security and risk technology trends you should be watching.


Webcast: SecDevOps: Tying Security to Your Application Development Processes

by CheckmarxNov 11, 2020

For many application development teams, the concept of DevOps is changing the way software is developed, written, and run. But how does your app dev team build security into its processes? In this webinar, experts discuss the integration of security and DevOps – sometimes called SecDevOps or DevSecOps – and how it can make your applications not only more flexible, but more secure. You’ll also get advice on how to bring your security team and app dev team together through common tools and practices that foster secure code development.


Research Report: Meetup Vulnerabilities: Escalation of Privilege and Redirection of Funds

by CheckmarxOct 05, 2020

Recently, the Checkmarx Security Research Team was looking for API security issues in high-profile web applications, including Meetup.com.

In this report you will learn in detail about:

  • The API issues found
  • The serious cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities
  • How these vulnerabilities together could put users at risk


E-Book: 5 Reasons to Prioritize Software Security

by CheckmarxOct 05, 2020

The pace of digital transformation has reached a speed never before seen, forcing organizations into an "adapt or die" situation. Software is at the center of it all, placing increased pressure on DevOps leaders, AppSec managers, and developers to develop and deploy software faster.

This eBook discusses how:

  • Software security is at the heart of digital transformation.
  • Open source is as vulnerable as it is valuable.
  • Developers should be extensions of your security team.
  • Among other topics.


E-Book: An Integrated Approach to Embedding Security into DevOps

by CheckmarxOct 05, 2020

The root cause of many successful cyber attacks lies primarily in vulnerable software itself. The real question that needs to be asked is, "Can the industry do a better job of writing more-secure code, making software applications nearly impenetrable to cyberattacks?"

This eBook will help you understand :

  • Security within the Common Development Methodologies
  • The different ways to embedding Security into DevOps
  • The current approach to security within DevOps