Checkmarx Software Security Platform
| Company size (employees) | 500 to 999 |
| Headquarters Region | Middle East |
| Type of solution | Software |
As development cycles accelerate and software becomes more complex, automated solutions that are purpose-built for DevOps and enable developers to quickly find and fix flaws before software is released are critical. Enter the Checkmarx Software Security Platform.
Comprising CxSAST, CxSCA, CxIAST, and CxCodebashing (AppSec awareness and training), the platform takes a unified approach to inserting automated security testing throughout all stages of DevOps. Checkmarx’s solutions integrate seamlessly with developer workflows and tools, enabling developers to find and remediate vulnerabilities in both custom and open source code via one platform before software is released into production. In the last 12 months alone, Checkmarx has evolved its platform significantly by:
● Unveiling new automation capabilities that simplify the implementation of AST in DevOps environments by automatically triggering SAST and SCA scans in the event of pull requests, with results embedded directly into developers’ pipelines.
● Launching a next-gen, SaaS-based SCA solution, with the true value being realized when combined with CxSAST, allowing developers to secure both custom and open source code via one unified solution.
● Announcing integrations with GitHub and GitLab to bring comprehensive, automated AST right to developers’ preferred environments.
With the Checkmarx Software Security Platform, organizations reap immense benefits with regard to reducing coding vulnerabilities, increasing developer productivity, and increasing AppSec scalability. In fact, a new ROI case study from a leading research firm found that by leveraging Checkmarx, a large European financial organization:
● Realized 393% ROI and 7 million in savings over three years;
● Saved 104,000 hours and 1.7 million Euro annually;
● Avoided an estimated 2 million Euro in banking regulatory and GDPR fines; and
● Saw an 80% decrease in necessary employee requirements for overseeing AppSec projects and integrations
How we are different
● Notable Milestones & Growth: Earlier this year, Checkmarx was acquired by Hellman and Friedman for $1.15B, representing the largest acquisition of an application security company to date. Additionally, over the span of 2020, Checkmarx achieved a trifecta of accolades from Gartner, being named a Leader in the Magic Quadrant for AST for the third consecutive year, earning the highest score for the DevOps/DevSecOps use case in the Critical Capabilities for AST report, and being named a Peer Insights Customers’ Choice for AST for the second straight year.
● Superb Customer Satisfaction: The Checkmarx Software Security Platform is highly rated in the industry and amongst customers, so much so that Checkmarx has been named a Gartner Peer Insights Customers’ Choice for Application Security Testing for two consecutive years (2020, 2019). Customer feedback includes:
○ “Checkmarx is the best static scanning tool I’ve used during my 6 years as a software security analyst who specializes in dynamic and static application scans. It gets the job done.” Security and Risk Management, Healthcare Industry
● Elite Research Team: Checkmarx maintains a team recognized for conducting sophisticated security research that not only sets it apart from competitors, but also contributes to safer software security practices amongst organizations worldwide. In the past year, Checkmarx researchers found flaws in SoundCloud, smart vacuums, Meetup.com, Drupal, Apache Unomi, and most notably, Android smartphones. In each case, the research team worked closely with vendors to help them understand and remediate these flaws, ensuring the issues were completely fixed before public disclosure. With head of security research Erez Yalon also serving as a co-lead in the development of the OWASP API Security Top Ten list, Checkmarx’s unique contributions to software security go well beyond delivering a top-class automated scanning solution.