Where the world meets DevOps Fri, 05 Jan 2024 14:08:39 +0000 en-US hourly 1 https://devops.com/wp-content/uploads/2021/10/android-chrome-256x256-1-130x130.png 32 32 144979424 https://devops.com/checkmarx-report-details-havoc-caused-by-everything-package-on-npm-registry/ Fri, 05 Jan 2024 14:08:39 +0000 https://devops.com/?p=167598 A Checkmarx report details an 'Everything' package distributed via the NPM registry that cripples any machine used to download it.]]> 167598 https://devops.com/checkmarx-surfaces-threat-to-github-repositories/ Wed, 27 Sep 2023 15:54:27 +0000 https://devops.com/?p=165625 Checkmarx reported that malicious actors have been able to compromise GitHub's Dependabot, the free automated dependency management tool for software projects.]]> 165625 https://devops.com/checkmarx-brings-generative-ai-to-sast-and-iac-security-tools/ Wed, 31 May 2023 19:40:45 +0000 https://devops.com/?p=161547 Under an early access program, Checkmarx today made available query builder and guided automation tools that take advantage of OpenAI’s generative artificial intelligence (AI) technologies to make it simpler for developers to resolve application security issues. AI Guided Remediation surfaces actionable remediation recommendations for vulnerability issues such as misconfigurations directly from within integrated development environments […]]]> 161547 https://devops.com/checkmarx-report-highlights-need-for-appsec-collaboration/ https://devops.com/checkmarx-report-highlights-need-for-appsec-collaboration/#respond Mon, 09 May 2022 12:15:17 +0000 https://devops.com/?p=152088 A research report published by Checkmarx finds the same basic malicious software developed using multiple programming languages as cyberattackers industrialize their malware development processes. Checkmarx, a provider of code scanning tools, shared examples of malicious packages written in multiple programming languages. These example packages share the same indicators of compromise that have gone undetected for […]]]> https://devops.com/checkmarx-report-highlights-need-for-appsec-collaboration/feed/ 0 152088 https://devops.com/travis-perkins-plc/ https://devops.com/travis-perkins-plc/#respond Sat, 01 Aug 2020 21:19:05 +0000 http://devops.staging.wpengine.com/?p=136684 With over 20 leading brands providing various online services for tens of thousands of consumers, Travis Perkins had the need for a strong AppSec solution in its arsenal to protect its applications. As the company shifted to an agile workflow, their development process became more fast-paced and it became evident that the company needed a […]]]> https://devops.com/travis-perkins-plc/feed/ 0 137925 https://devops.com/case-study-time-inc/ https://devops.com/case-study-time-inc/#respond Sat, 01 Aug 2020 04:22:48 +0000 http://devops.staging.wpengine.com/?p=136720 Time Inc. is a mass media corporation that shares news and stories impacting global dialog across multiple media platforms for nearly a century. With some of the world’s biggest media brands under the umbrella of Time Inc., the company knew it had to completely secure their applications from continuous security threats. The task was to […]]]> https://devops.com/case-study-time-inc/feed/ 0 137941 https://devops.com/checkmarx-interactive-application-security-testing-cxiast/ https://devops.com/checkmarx-interactive-application-security-testing-cxiast/#respond Thu, 02 Jul 2020 02:07:31 +0000 http://devops.staging.wpengine.com/?p=136701 In today’s competitive world, the name of the game is time-to-market. Organizations are under increasing pressure to continuously deliver new and improved software. To win the race, nothing can get in the way of rapid releases. This need for speed has often led organizations to leave security behind, making them a frequent target for attack. […]]]> https://devops.com/checkmarx-interactive-application-security-testing-cxiast/feed/ 0 137932 https://devops.com/an-integrated-approach-to-embedding-security-into-devops/ https://devops.com/an-integrated-approach-to-embedding-security-into-devops/#respond Thu, 02 Jul 2020 02:03:15 +0000 http://devops.staging.wpengine.com/?p=136699 What’s making your software essential to your business, is also making it more dangerous. When software is everywhere, everything becomes an attack surface. The way your organization develops and depends on software has changed – and never has it exposed you to more risk. And while software security has never been more business critical, organizations […]]]> https://devops.com/an-integrated-approach-to-embedding-security-into-devops/feed/ 0 137931 https://devops.com/deliver-secure-software-at-the-speed-of-devops/ https://devops.com/deliver-secure-software-at-the-speed-of-devops/#respond Thu, 02 Jul 2020 01:18:40 +0000 http://devops.staging.wpengine.com/?p=136697 We live in an era of digital transformation. Software is the backbone of this digital transformation. Mobile, cloud, open source, Internet of Things, microservices and AI have made software more complex. Over 80% of the code in today’s software applications is open source. Estimates show that there will be 30 billion connected IOT devices by […]]]> https://devops.com/deliver-secure-software-at-the-speed-of-devops/feed/ 0 137930 https://devops.com/checkmarx-software-composition-analysis-cxsca/ https://devops.com/checkmarx-software-composition-analysis-cxsca/#respond Wed, 01 Jul 2020 23:31:00 +0000 http://devops.staging.wpengine.com/?p=136695 As with custom code and commercial software, open source libraries can introduce risks which organizations must identify, prioritize, and address. Security vulnerabilities can leave sensitive data exposed to a breach, license requirements can jeopardize your intellectual property, and outdated open source libraries can place unnecessary support and maintenance burdens on your development teams. In today’s […]]]> https://devops.com/checkmarx-software-composition-analysis-cxsca/feed/ 0 137929