New Checkmarx Application Security Posture Management and Cloud Insights Offer Enterprises Code-to-cloud Visibility and Analysis of Cloud-native AppSec Risk

PARAMUS, N.J.--(BUSINESS WIRE)--Checkmarx, the industry leader in cloud-native application security for the enterprise, has released Checkmarx Application Security Posture Management (ASPM) and Cloud Insights to provide organizations with unmatched visibility into their application security posture stretching from code to cloud. Available on the Checkmarx One AppSec platform, ASPM and Cloud Insights empower enterprises developing cloud-native applications to dramatically reduce application and business risk by delivering end-to-end insights into their application security posture, helping them better correlate, prioritize and triage remediation efforts.

“Developers and AppSec teams are looking to consolidate the vulnerabilities and insights they get from security scanners and tools so they can identify and work on what are truly the most important to remediate in order to prevent issues in cloud runtime. With the increase in complexity inherent with cloud-native applications, and the various solutions required to detect vulnerabilities in every aspect of the applications, development and application security teams are simply lost,” said Kobi Tzruya, Chief Product Officer at Checkmarx. “Checkmarx Cloud Insights revolutionizes the way that teams approach application security by bringing runtime context back into the development life cycle, where Checkmarx helps them prioritize. Now developers can focus on what matters most, allowing them to make the most effective remediation efforts in less time.”

Checkmarx ASPM correlates and prioritizes security signals from every application security solution in the enterprise development environment, to improve visibility, reduce risk and better manage overall application security posture. ASPM is built on Checkmarx’ award-winning Fusion correlation engine and Application Risk Management, which already extracted unique insights from our consolidated AppSec platform, such as identifying reachable vulnerabilities. It now adds a new capability to Bring Your Own Results (BYOR) to expand coverage beyond Checkmarx’ award-winning solutions by importing SARIF and OSCF results from any third-party solution, including those from Checkmarx partners such as Zimperium, Onapsis and others.

With Checkmarx Cloud Insights, developers and AppSec leaders benefit from:

• Correlation and integration of Checkmarx data with data from cloud service providers (CSPs) and cloud-native application protection platforms (CNAPP).
• New ways to prioritize remediation, including through open-source libraries called in the runtime environment (via integration with Sysdig) and by internet-facing network exposure when deployed in the cloud environment (through partnerships with Wiz and Amazon Web Services.) The information is integrated within Checkmarx Application Risk Management.
• The ability to track remediation of a vulnerability through the software development life cycle (SDLC) by way of the attack path. For example, if a vulnerability is found in a running application, Cloud Insights:
  • Identifies the repository and the developer to speed the process of remediation
  • Pinpoints the container image to verify that the fix is reflected there
  • Lists the running container clusters to enable verification that the running application was rebooted with fixed images and is no longer in the running environment.
• Improved developer experience with the delivery of prioritized risk intelligence that focuses developers on remediating vulnerabilities that are most critical, are most at risk of exploitation or that represent the greatest risk.

"Checkmarx One is the leading enterprise application security platform. By opening it to third-party results, our joint customers can easily extend their coverage and get a unified view within Checkmarx ASPM. We’re excited to partner with Checkmarx, which brings Zimperium’s leading mobile security threat insights directly into the Checkmarx Application Security Posture Management (ASPM) platform,” said Nitin Bhatia, Chief Strategy Officer at Zimperium. “This collaboration empowers an organization to manage and secure their entire mobile application landscape more effectively, ensuring comprehensive protection against emerging threats."

For more information on the Checkmarx One platform, ASPM and Cloud Insights, visit this page.

About Checkmarx

Checkmarx has been trusted by enterprises worldwide to secure their application development from code to cloud. Our consolidated platform and services balance the dynamic needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers and CISOs. At Checkmarx, we believe it’s not just about finding risk, but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders. We are honored to serve more than 1,800 customers, including 40 percent of all Fortune 100 companies.

Follow Checkmarx on LinkedIn, YouTube, and X.