Checkmarx Announces AppSec Coach
September 19, 2016

Checkmarx announced availability of a new secure coding eLearning platform, called AppSec Coach, providing Checkmarx customers the ability to address one of the greatest challenges in the software industry when it comes to application security: finding an effective way to provide developers knowledge and skills to write secure code.

The new capability is a significant addition to the Checkmarx application security testing portfolio, which helps to sharpen the skills developers need to fix vulnerabilities and write secure code. This new add-on provides in-context, bite-sized secure coding training modules, available when and where the developer needs to fix the code. AppSec Coach, integrated within Checkmarx CxSAST source code analysis solutions, is the first of its kind for developer security education and the new offering strengthens the Checkmarx commitment to developer enablement.

Lack of developer secure coding skills and awareness is continuously named as one of the most significant challenges organizations face across all verticals. As reiterated in the SANS 2016 State of Application Security survey, developer education is seen as the most effective tool to enhance the application’s security state. However, that same survey shows that implementing effective and continuous education is still the top challenge for these same organizations.

Checkmarx AppSec Coach, integrated within CxSAST, is a fun and engaging approach to get developers the knowledge they need at the time and place they need it most. By providing in-context, interactive, bite-sized educational modules, AppSec Coach ensures developers are trained exactly on what they need, when they need it, without pulling them out of their daily work routine.

“Skills shortages will continue to be a problem as new technologies emerge,” says Johannes Ullrich, Ph.D, Dean of Research for the SANS Technology Institute. “Skills shortages have, historically, been a problem for almost all InfoSec disciplines. Organizations will need to continue to leverage training and education to develop their skill sets.”

“It's no secret that the ability to deliver secure applications eventually depends on the developer's ability to avoid the pitfalls a hacker would exploit,” says Nir Livni, VP of Products at Checkmarx. “Introducing AppSec Coach serves that exact purpose. AppSec Coach allows organizations to further shift left their remediation activities, and moreover, to write secure code to begin with. This will not only reduce development and remediation costs, but also reduce the overall time to market.”

The Latest

October 16, 2018

More than half of organizations have a dedicated DevOps team to help them better implement agile strategies, accelerate release cycles and ensure continuous development. However, databases have a habit of holding DevOps back ...

October 15, 2018

Test Environment Management can save organizations close to $10,000 for each release, yet only four percent of large enterprises have fully integrated TEM processes into organizational DNA, according to the 2018 Test Environment Management Survey released by EMA and Plutora ...

October 11, 2018

Agile is indeed expanding across the enterprise and there was a significant jump from last year to this year in the percentage of respondents who indicated that all or almost all of their teams were agile, according to the State of Agile 2018 report from CollabNet ...

October 09, 2018

Adopting a modern application architecture is critical to business success and a significant driver of profit growth in today’s digital economy, according to the results of a global survey of IT and business executives released by CA Technologies and conducted by Frost & Sullivan ...

October 04, 2018

How do you integrate tools to enable shift-left performance? The following tools will simplify maintenance, can be managed in a centralized way, and provide an easy-to-use UI to comprehend results ...

October 03, 2018

Focusing at the API layer of an application can help enable a scalable testing practice that can be efficiently executed as part of an accelerated delivery process, and is a practice that can be adopted and enabled at the earliest possible stages of development — truly shifting left functional testing. But what about performance testing? How do we enable the shift left of nonfunctional testing? Here, we explore what this means and how to enable it in your organization ...

October 01, 2018

As businesses look to capitalize on the benefits offered by the cloud, we've seen the rise of the DevOps practice which, in common with the cloud, offers businesses the advantages of greater agility, speed, quality and efficiency. However, achieving this agility requires end-to-end visibility based on continuous monitoring of the developed applications as part of the software development life cycle ...

September 27, 2018

Imagine that you are tasked with architecting a mission-critical cloud application. Or migrating an on-premise app to the cloud. You may ask yourself, "how do the cloud savvy companies like Airbnb, Adobe, SalesForce, etc. build and manage their modern applications?" ...

September 26, 2018

In a DevOps evolution, there are many paths to success, but even more that lead to failure, according to the 2018 State of DevOps Report from Puppet ...

September 24, 2018

From how applications and infrastructure are developed, configured and built to how they are tested and deployed, pervasive automation is the key to achieving better efficiency and standardization that gives companies the competitive edge. Pervasive automation is the concept of scaling automation broadly and deeply across the entire software delivery lifecycle ...

Share this