Checkmarx Launches Collaborative Checkmarx Zero Research Hub to Share Application Security and Software Supply Chain Threat Intelligence

PARAMUS, N.J.--(BUSINESS WIRE)--Checkmarx, the industry leader in cloud-native application security for the enterprise, announced today that its security research team, Checkmarx Zero, has launched a collaborative application security (AppSec) research hub.

Checkmarx VP of Security Research Erez Yalon said, “The Checkmarx Zero team has always shared our findings with others in the research community within our blog and at more than 100 conference sessions. We invite other AppSec and software supply chain security researchers to explore our vulnerability research and to contribute their own findings as we work together to keep our organizations safe.”

The Checkmarx Zero hub includes detailed findings based on years of dedicated research, including:

• 200+ vulnerabilities curated monthly
• More than 130 zero-days
• In-depth research reports including malicious package names and indicators of compromise (IOCs)

Checkmarx Zero has become well-known for the discovery of some significant vulnerabilities and threat campaigns in recent years, including:

• An Amazon Ring vulnerability that could have allowed access to users’ camera recordings
• An ongoing campaign by a group nicknamed RED-LILI that launched hundreds of malicious packages as part of node package manager (NPM) attacks on Azure and other developers
• The first known software supply chain attacks targeted at the banking industry

To explore the research site, visit checkmarx.com/zero. To follow the Checkmarx Zero team on social media, visit this page.

About Checkmarx

Checkmarx helps the world’s largest enterprises get ahead of application risk without slowing down development. More applications, faster pipelines and growing threats are all contributing to skyrocketing risk. Checkmarx helps end the guesswork in identifying the most critical issues to fix. Giving AppSec the tools they need while letting developers work the way they want, from DevOps pipelines to developer experience, Checkmarx helps security and development teams work better together – all on a unified application security platform. That’s why so many enterprises rely on Checkmarx to scan over one trillion lines of code each year, see 2X ROI, and improve developer productivity on security tasks by 50%. Checkmarx. Always Ready to Run.

Follow Checkmarx on LinkedIn, YouTube and X.