While offering a service or solution that still operates on-premise, on bare metal may seem as archaic and old-school as inserting a CD into a stereo to listen to music, it’s still quite common. Especially in the public sector, where…
Pete Chestna, Checkmarx CISO, on the Technologies Enabling a Continuous ATO
With software becoming increasingly essential to today’s government and military, and digital transformation initiatives among the highest priorities within the IT departments of government organizations, there is a strong desire across the government to develop and implement new applications quickly.…
Shifting Application Security Left Requires Changing Both Culture and Tools
In late August, the Advanced Technology Academic Research Center (ATARC) sponsored a Webinar in conjunction with Checkmarx and Invicti entitled, “Shifting Security Left with DevSecOps.” This virtual panel discussion featured prominent application development leaders and experts from both the government…
Seven reasons why federal agencies need a unified approach to application security
Today’s government agencies and military organizations are developing applications and digital services as fast as they can to meet urgent needs. This rapid pace of application development only accelerated in 2020 when government IT departments and application development teams were…
Four Best Practices for Secure App Development in AWS
This article was originally featured on the Checkmarx blog. Click HERE to read the original in its entirety. The advantages of cloud-native applications in an AWS deployment are well understood. AWS delivers flexibility, scalability, usability, and so much more. But,…
Government AppDev Leaders Explain the Benefits and Risks of APIs and IaC
On Thursday, May 20, the Institute for Critical Infrastructure Technology – a cybersecurity-focused think tank – brought together leaders from across the federal government and military to discuss an incredibly important topic – the benefits and risk factors that new…
The Up-Hill Climb of Modern Application Security
According to the analyst firm Gartner, “Over 70 percent of security vulnerabilities exist at the application layer, not the network layer.” This number was even higher in findings by the National Institute of Standards and Technology (NIST), which found that…
Two New Attack Vectors Creating an AppSec Imperative for Development Teams
As digital transformation initiatives sweep across the government and military, the role of software continues to grow and increase in importance. Today, every government agency and military organization is looking to embrace applications that can make their workforce more effective,…
Developer Spotlight – DevSecOps Helps goTenna Deliver Secure Communications to the Military
DevSecOps is rapidly gaining traction within the federal government and with the IT solution providers and contractors that service both the federal government and military. And for very good reason. Evolving away from traditional forms of application development – such…
