Israel-headquartered Checkmarx, a global provider of developer-centric application security testing (AST), has released its Checkmarx Application Security Platform. This integrated cloud platform is aimed at helping CISOs, AppSec teams, and developers address the growing and dynamic security challenges they face.
The platform would fit into any workflow or tool, delivering security with the speed, size, and flexibility needed to handle the most recent development requirements. Through webhook connectors, a common set of APIs, or a command line interface, it would integrate smoothly with all contemporary frameworks and development infrastructures.
The cloud platform for application security would deliver complete, accurate, and actionable intelligence to repair vulnerabilities early in the development life cycle, with one-click scanning across many crucial components of the application code. A full scan of source code, third-party open-source libraries, API contracts, and infrastructure as code (IaC) templates is initiated with a single click. To assist security executives, AppSec teams, and developers alike, results are collected, validated, and supplemented with professional repair recommendations.
The platform provides on-demand training to enable extensive code security, reduce human error, and enable organizations to build security into their processes and technologies as part of the application development life cycle. It’s being achieved through direct integration with Checkmarx Codebashing, the company’s developer education solution.
The AppSec Platform, which is delivered as software-as-a-service (SaaS), would firmly integrate security into development while removing infrastructure management overhead and enabling regular upgrades and feature advancements. Metering, monitoring, access, and user experience are examples of foundational services that make management of all applications, services, and deployments easier. Furthermore, the cloud platform enables third parties to create utilizing platform services and APIs that provide a consistent user experience and virtualized services that would otherwise be inconsistent across clouds.
“Software development drives business innovation, serving as an enabler and differentiator across all industries. However, software is becoming more complex, causing security and development teams to struggle with the fast pace and immense risk it can bring an organization,” said Razi Sharir, chief product officer at Checkmarx. “With the Checkmarx Application Security Platform, we are enabling secure software development across the business, giving security and AppSec teams visibility into all aspects of application code. This new integrated solution replaces multiple complex point products with a single platform that delivers actionable, accurate results, allowing developers to code boldly and quickly without sacrificing security.”
AppSec Platform, for CISOs
Checkmarx has vowed to continue contributing to these communities through education and open-source initiatives like the IaC scanning project KICS, as part of its commitment to bringing security and development together through industry-leading solutions and services.
“Checkmarx is a strong advocate for providing free tools and education to foster secure innovation across the community,” added Mr. Sharir. “KICS was just a starting point. We have some big announcements in the beginning of next year, as we work toward our goal of contributing back to the security and developer communities.”
Checkmarx’s AppSec Platform enables CISOs and their security teams to stay ahead of application security flaws by providing the most comprehensive visibility across cloud-based components and architectures, including containers, APIs, IaC, microservices, and more. The platform has a single dashboard that shows all risk insights, including those from complicated third-party code, in one place, minimizing resolution time and enhancing visibility and productivity. It gives security professionals more freedom while decreasing tool fatigue by integrating with any contemporary development infrastructure.