Syndicated Blog

Blog – Checkmarx
Application Security, Made Easy
CVE-2020-35774: twitter-server XSS Vulnerability Discovered

According to its official documentation, “twitter-server” is a Twitter OSS project used to provide a template from which servers at Twitter are built. It provides common application components such as an administrative ...
What is the ROI of Checkmarx Application Security Testing (AST)?

When it comes to IT security initiatives, many enterprises struggle to quantify business value and return on investment (ROI), often viewing their security spend solely as an insurance expense – a must-have ...
Preventing Developer Burnout in the Age of Rapid Software Delivery

“Burnout” happens across all jobs and industries, especially tech. However, developers have always been particularly at risk of falling victim to burning out, and the COVID-19 pandemic, and the resulting digital shift driven ...
2020 Checkmarx Partner Awards – APJ, EMEA & LATAM

Every year at Checkmarx, we recognize and award our business partners who have gone above and beyond to help their customers overcome their software security and business challenges. awards reflect our deep ...
2021 Cybersecurity Predictions: Our Experts Weigh In

To say that 2020 was an unusual year would be an understatement. Business, government, healthcare, and education drastically changed with many organizations making massive digital transformations that were completely unplanned in many ...
Seven Ways We’ve Helped our Partners Transform to Digital Reality During COVID

In 2020, “digital transformation” went from a buzzword to reality. Businesses and governments alike experienced first-hand what it meant to undergo rapid, high-stakes transformation in the way they operate, and many are ...
Drupal Core: Behind the Vulnerability

As you may recall, back in June, Checkmarx disclosed multiple cross-site scripting (XSS) vulnerabilities impacting Drupal Core, listed as CVE-2020-13663, followed by a more technical breakdown of the findings in late November ...
How Agencies Can Take Advantage of DevSecOps and Automation to Accelerate ATOs

As federal agencies develop more online services and systems to meet the mission of the U.S. government, their appetite and need to develop and deploy secure software applications rapidly continues to grow ...
Drupal Core: Behind the Vulnerability

Earlier this year, the Checkmarx Security Research Team conducted an investigation of the new version of Drupal Core (Drupal 9) – a content management system (CMS) written in PHP – uncovering several ...
Apache Unomi CVE-2020-13942: RCE Vulnerabilities Discovered

“Apache Unomi is a Java Open Source customer data platform, a Java server designed to manage customers, leads and visitors’ data and help personalize customers experiences,” according to its website. Unomi can ...