Checkmarx Unveils Fusion 2.0
June 07, 2023

Checkmarx announced Fusion 2.0, with a new Application Risk Management module.

Application Risk Management consolidates vulnerabilities, risk ratings and prioritization guidance across an organization’s entire application portfolio into one comprehensive dashboard, making it easy to direct developers towards the riskiest applications.

Application Risk Management presents an overall application “risk score” to help prioritize the investment of resources along with guidance on remediation

Checkmarx Fusion correlates data across every AST solution on the Checkmarx One platform to prioritize the most critical vulnerabilities to fix first. Application Risk Management builds on Fusion’s correlation engine to consolidate and prioritize risks not just within an application, but now across the entire application portfolio. This enables AppSec teams to focus on reducing the most significant risks across their application portfolios and quickly direct developers to the most critical vulnerabilities in the riskiest applications while improving the developer experience.

“As enterprises rapidly expand cloud-native development efforts, the complexity of software continues to increase,” said Sandeep Johri, CEO at Checkmarx. “The increase in complexity has led directly to an overall increase in software vulnerabilities. This results in alert fatigue for AppSec teams and poor developer experience, which poses a real threat to organizations’ ability to identify and remediate important vulnerabilities. With the new Application Risk Management module powered by Fusion 2.0, AppSec teams can easily identify the most serious business risks across their applications and quickly engage and focus their development teams on the most important issues to solve.”

The new Checkmarx Fusion 2.0 with Application Risk Management offers:

- Unified risk analysis: Presents intelligent unified risk analysis across business applications, focusing on the most important and exploitable vulnerabilities.

- Efficient management and prioritization of vulnerabilities: Users can manage and prioritize vulnerabilities efficiently in a consolidated view of security risks across the entire application portfolio.

- Guidance on assigning and resolving security issues: Offers centralized guidance on addressing a range of security issues across the application portfolio.

- Vulnerability Tracing: Users can trace when vulnerabilities were first introduced into the application.

- Unaddressed Critical Risk Timer: Provides valuable insights into the elapsed time during which a particular critical risk has not been addressed.

“There is a mindset change in the application security industry. It’s no longer about trying to find every vulnerability and hoping for the best,” said Kobi Tzruya, Chief R&D Officer at Checkmarx. “Enterprises today need help in understanding where to focus. With Fusion 2.0, they can immediately understand that with a list of top vulnerabilities out of the many that our solutions find.”

Share this

Industry News

September 21, 2023

Red Hat and Oracle announced the expansion of their alliance to offer customers a greater choice in deploying applications on Oracle Cloud Infrastructure (OCI). As part of the expanded collaboration, Red Hat OpenShift, the industry’s leading hybrid cloud application platform powered by Kubernetes for architecting, building, and deploying cloud-native applications, will be supported and certified to run on OCI.

September 21, 2023

Harness announced the availability of Gitness™, a freely available, fully open source Git platform that brings a new era of collaboration, speed, security, and intelligence to software development.

September 20, 2023

Oracle announced new application development capabilities to enable developers to rapidly build and deploy applications on Oracle Cloud Infrastructure (OCI).

September 20, 2023

Sonar announced zero-configuration, automatic analysis for programming languages C and C++ within SonarCloud.

September 20, 2023

DataStax announced a new JSON API for Astra DB – the database-as-a-service built on the open source Apache Cassandra® – delivering on one of the most highly requested user features, and providing a seamless experience for Javascript developers building AI applications.

September 19, 2023

Oracle announced the availability of Java 21.

September 19, 2023

Mirantis launched Lens AppIQ, available directly in Lens Desktop and as (Software as a Service) SaaS.

September 19, 2023

Buildkite announced the company has entered into a definitive agreement to acquire Packagecloud, a cloud-based software package management platform, in an all stock deal.

September 19, 2023

CrowdStrike has agreed to acquire Bionic, a provider of Application Security Posture Management (ASPM).

September 18, 2023

Perforce Software announces BlazeMeter's Test Data Pro, the latest addition to its continuous testing platform.

September 18, 2023

CloudBees announced a new cloud native DevSecOps platform that places platform engineers and developer experience front and center.

September 18, 2023

Akuity announced a new open source tool, Kargo, to implement change promotions across many application life cycle stages using GitOps principles.

September 14, 2023

CloudBees announced significant performance and scalability breakthroughs for Jenkins® with new updates to its CloudBees Continuous Integration (CI) software.