Checkmarx Application Security Platform
October 19, 2021

Checkmarx announced the launch of the Checkmarx Application Security Platform to help CISOs, AppSec teams, and developers address the growing and dynamic security challenges they face.

With groundbreaking capabilities, the platform integrates into any workflow or tool, delivering security with the speed, scale, and flexibility to support the latest development requirements. It seamlessly works with all modern frameworks and development infrastructures through webhook integrations, a standard set of APIs, or command line interface.

Offering one-click scanning across many critical components of the application code, the platform provides the most complete, accurate, and actionable intelligence to remediate vulnerabilities early in the development life cycle. One click triggers a comprehensive scan to examine source code, third-party open-source libraries, API contracts, and infrastructure as code (IaC) templates. Results are aggregated, verified, and augmented with expert remediation advice to benefit security leaders, AppSec teams, and developers alike.

Through direct integration with Checkmarx Codebashing, the company’s developer education solution, the platform provides on-demand training to enable extensive code security, reduce human error, and enable organizations to build security into their processes and technologies as part of the application development life cycle.

Delivered as software as a service, the AppSec Platform tightly incorporates security into development while eliminating infrastructure management overhead as well as providing continuous updates and functional enhancements. Foundational services—such as metering, monitoring, access, and user experience—simplify administration of all applications, services, and deployment. In addition, the platform allows third parties to develop using platform services and APIs with a common experience and virtualized services that would otherwise vary across clouds.

“Software development drives business innovation, serving as an enabler and differentiator across all industries. However, software is becoming more complex, causing security and development teams to struggle with the fast pace and immense risk it can bring an organization,” said Razi Sharir, CPO at Checkmarx. “With the Checkmarx Application Security Platform, we are enabling secure software development across the business, giving security and AppSec teams visibility into all aspects of application code. This new integrated solution replaces multiple complex point products with a single platform that delivers actionable, accurate results, allowing developers to code boldly and quickly without sacrificing security.”

Committed to bringing security and development together through industry-leading products and services, Checkmarx has also pledged to continue contributing to these communities through education and open source projects like the IaC scanning project KICS.

“Checkmarx is a strong advocate for providing free tools and education to foster secure innovation across the community,” said Sharir. “KICS was just a starting point. We have some big announcements in the beginning of next year, as we work toward our goal of contributing back to the security and developer communities.”

Today’s CISOs face significant challenges, including managing a broad security scope, adhering to evolving global compliance requirements, effectively reporting security progress to the board, and mitigating the risk of internal and external threats. As the pace of application development increases, application security becomes a heightened priority as well.

Through the AppSec Platform, Checkmarx allows CISOs and their security teams to stay ahead of application security vulnerabilities, maintaining the deepest visibility across cloud-based components and architectures, such as containers, APIs, IaC, microservices, and more. The platform features a single dashboard that provides a unified view of all risk insights, including those from complex third-party code, reducing resolution time while increasing visibility and productivity. By integrating with all modern development infrastructure, it provides security professionals with flexibility while reducing their tool fatigue.

Nearly half (46%) of developers are expected to build and deploy software more quickly today than before the pandemic. This speed to market translates to business impact, with the McKinsey Developer Velocity Index finding that companies that achieved increased developer velocity in the top quartile saw revenue growth five times faster than organizations in the bottom quartile. To meet these increasing demands and deliver exceptional applications, development teams need a solution that seamlessly integrates with their existing workflows.

Checkmarx enables developers to easily build secure code from start to finish while accelerating development. Vulnerability detection occurs earlier in the development cycle, with the platform providing expert advice on how to quickly remediate risks. Whether through cloud native applications or on-premises deployment, it enables developers to integrate security in their coding environments from the start, allowing for full management of risks throughout development, even after the code is deployed. Teams can write code securely and confidently, providing significant market benefits for their organizations.

The Checkmarx Application Security Platform includes industry-leading SAST, SCA, Codebashing, and KICS application security services.

Share this

Industry News

December 02, 2021

Mirantis announced DevOpsCare, powered by Lens, a vendor-agnostic, fully-managed CI/CD (continuous integration/continuous deployment) product for any Kubernetes environment, offering developers higher levels of productivity more quickly.

December 02, 2021

The D2iQ Kubernetes Platform (DKP) is now available in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services, Inc. (AWS).

December 01, 2021

Bugcrowd announced the availability of Bugcrowd's cybersecurity solutions on the AWS Marketplace, providing customers with easy access, simplified billing, quick deployment, and streamlined license management.

December 01, 2021

Kublr received Microsoft Azure Arc-enabled Kubernetes validation, including for Azure Arc-enabled Kubernetes for Data Services.

December 01, 2021

CloudSphere achieved Amazon Web Services (AWS) Migration and Modernization Competency for discovering, planning, and helping enterprise customers move business services to AWS to reduce cost, increase agility and improve security.

November 30, 2021

JFrog introduced a new container registry and package manager for running JFrog Artifactory with Kubernetes clusters on-premises, in the cloud, or both.

November 30, 2021

Docker announced the availability of Docker Official Images directly from Amazon Web Services (AWS).

November 30, 2021

Weaveworks announced the general availability of Weave GitOps Enterprise, a GitOps platform that automates continuous application delivery and Kubernetes operations at any scale.

November 30, 2021

Amazon Web Services announced AWS Mainframe Modernization, a new service that makes it faster and easier for customers to migrate mainframe and legacy workloads to the cloud, and enjoy the superior agility, elasticity, and cost savings of AWS.

November 29, 2021

Quali announced the newest release of Torque Enterprise, which includes enhanced integration with Terraform, new custom tagging capabilities, and improved cost visibility dashboards, unleashing an entirely new level of self-service access to application environments on demand.

November 29, 2021

Vertical Relevance (VR), a financial services-focused consulting firm, achieved Amazon Web Services (AWS) DevOps Competency status.

November 18, 2021

Loft Labs announced the launch of Loft version 2 with a focus on ease of use that overcomes the major complaint that Kubernetes is complex and hard to set up.

November 18, 2021

Perforce Software announced new functionality to speed remediation of discovered defects in automated scans.

November 18, 2021

Lacework raised $1.3 billion in growth funding at a valuation of $8.3 billion.

November 17, 2021

Parasoft announced the 2021.2 release of Parasoft C/C++test, the unified C and C++ development testing solution for embedded applications.