Checkmarx Blog
Find it all here - expert insights, opinionated views and more
August 24, 2022
API Security Is the New Endpoint Security
September 9, 2021
OWASP API Risk List: What It Does Well, and What Could Be Improved
October 29, 2020
Erez Yalon: A Security Leader in the API Economy
February 11, 2020
Checkmarx Research: SoundCloud API Security Advisory
January 6, 2020
Breaking Down the OWASP API Security Top 10 (Part 2)
November 6, 2019
Breaking Down the OWASP API Security Top 10 (Part 1)