Checkmarx Enhances Software Exposure Platform
March 06, 2019

Checkmarx unveiled major advancements to accelerate adoption of the most comprehensive, unified software security solution on the market.

As the application layer increasingly is the source of successful attacks, risks are amplified as organizations move to agile development and DevOps without implementing proper DevSecOps practices. The latest release of the Checkmarx Software Exposure Platform adds to the management and orchestration layer of the industry’s first unified software security solution released in August 2018 for organizations to:

- Simplify and streamline the managing policies: Using a unified policy engine for both proprietary code and open source software components, organizations can easily define goals and business outcomes jointly defined with business owners and DevOps to determine security risk thresholds for specific applications and projects based on predefined or custom security policies.

- Correlate vulnerabilities across the SDLC for higher result confidence: Leveraging the Checkmarx correlation engine, organizations can easily see if vulnerabilities are present across multiple stages of the SDLC to validate findings. For example, by correlating vulnerability findings between CxSAST and CxIAST, organizations gain the confidence that security risks identified in both source code and runtime applications represent real security risk to the organizations.

- Get Full Visibility into Software Exposure: A new Software Exposure Dashboard presents code vulnerabilities by project, giving business stakeholders full visibility into the organizations’ software security posture over time and presents key KPIs for actual code exposure including the number of outstanding vulnerabilities, their severity and average remediation velocity. Users are also able to zoom into specific projects to view status and metrics.

- Efficiently Remediate Code Vulnerabilities: Checkmarx’s new intelligent remediation engine feeds raw findings across Checkmarx CxSAST, CxOSA and CxIAST and fine tunes the results using machine learning algorithms, to filter out false positives and make correlations to increase confidence levels. User defined policies are applied to automatically generate prioritized findings. This gives organizations actionable results based on business impact and helps organizations focus on what matters most.

- Improved User Management and Access Control: Role-based access control across the Software Exposure Platform allows organizations to define roles with specific permissions and access to meet security and compliance mandates.

The Checkmarx Software Exposure Platform tightly integrates Checkmarx CxSAST, CxOSA, CxIAST and CxCodebashing via a unified management and orchestration layer to address the entire software exposure lifecycle. Checkmarx also offers expert services for software security deployment to advance customers’ DevSecOps programs.

“Software security continues to increase in its significance and importance as a security practice in line with digital transformation and software growth,” said Assaf Dar, Chief Product Development Officer, Checkmarx. “We are committed to helping our customers run their software security programs at scale across their entire portfolio, across the entire SDLC. Checkmarx’s unified Software Exposure Platform addresses software security from end-to-end empowering organizations to move to a true DevSecOps model and deliver secure software faster.”

Share this

Industry News

January 25, 2021

Progress announced the new release of Progress Kendo UI, a complete collection of JavaScript UI components.

January 25, 2021

CloudNatix announced the close of a $4.5M Seed round financing led by DNX Ventures, with the participation from a new investor Cota Capital and existing investors: Incubate Fund, Vela Partners and 468 Capital.

January 25, 2021

Quali announced $54 million in new funding, co-led by Greenfield Partners and JVP.

January 21, 2021

Platform9 released Platform9 Release 5.0, with a number of new features to provide operational efficiencies for its freedom, growth, and enterprise managed Kubernetes products.

January 21, 2021

Infragistics announced the release of Infragistics Ultimate 20.2, a complete UX and UI solution for  design and development teams  which is fully compatible with .NET 5, Microsoft’s latest  release of .NET development platform.

January 21, 2021

Couchbase Cloud is now available on Microsoft Azure.

January 20, 2021

Hitachi Vantara announced the availability of Hitachi Kubernetes Service, enabling customers to consistently and securely deploy, manage, monitor, and govern Kubernetes clusters across major cloud providers and on premises.

January 20, 2021

Internal announced the launch of an enterprise-ready app development platform for internal tools.

January 20, 2021

StackPulse announced a $20 million Series A led by GGV Capital.

January 19, 2021

GitLab announced GitLab Ultimate for IBM Cloud Paks, which is designed to help streamline team collaboration and increase team productivity with a comprehensive, easy-to-use DevOps platform.

January 19, 2021

Fugue announced new capabilities for bringing public cloud container resources into compliance and ensuring the continuous security of container runtime configurations.

January 19, 2021

Rookout announced new functionality that empowers software developers to debug other people’s code.

January 14, 2021

Oracle is making its popular APEX low-code development platform available as a managed cloud service that developers can use to build data-driven enterprise applications quickly and easily.

January 14, 2021

Parasoft announced its C/C++test update to support IAR Systems' build tools for Linux for Arm.

January 14, 2021

Harness raised $115 million in financing, reaching a valuation of $1.7 billion in just three years after launching from stealth.