Emmanuel Benzaquen, CEO“The Checkmarx Software Exposure Platform aligns Software Security with DevOps culture, detecting, intelligently prioritizing, and remediating exposure across the software development lifecycle (SDLC) from the coding stage through the runtime application testing stage,” mentions Emmanuel Benzaquen, CEO at Checkmarx. It supports a combination of integrations for the required automation in an agile pace development environment coupled with a variety of technologies to empower development and security that will improve the overall security posture of an organization.
The platform has different adoption services that can be used in conjunction with each other, few of these services are, Static Application Security Testing (CxSAST), Open Source Analysis (CxOSA), Interactive Application Security Testing (CxIAST) and more. For example, using Checkmarx’s unique incremental scan capabilities, the need to re-scan an entire code base is eliminated if lines of code are added or changed, thus enabling fast results for fast-paced agile environments. Furthermore, the platform allows users to choose from a list of existing query presets or create their custom queries to enforce secure coding practices for regulation compliance, and more.
In an instance, Time Inc., a mass media corporation based in New York City, had to find an application security testing solution that would fit right in with the company’s existing development processes, tools, and be both scalable and dependable within its agile environment. After comprehensive research for the right solution, Checkmarx to streamline the company’s application security program, effectively enhance and secure the SDLC, and enable developers to implement static code analysis in their coding and QA process. Checkmarx CxSAST was quickly and easily deployed to Time Inc.’s incredibly dynamic development teams. Right from the beginning of the deployment, developers had the ease of use and enabled them to enhance their knowledge and understanding of code security. As a result, it allowed Time Inc. to reduce employee resources and time spent on code review. Security issues were handled at much earlier stages of the SDLC.
Checkmarx supports around 1,400 organizations across the globe to measure and manage software risk at the speed of DevOps. The company serves five of the world’s top 10 software vendors, four of the top American banks, and many government organizations and Fortune 500 enterprises, including SAP, Samsung, and salesforce.com. Envisioning the future, the company is committed to grow along with the various advancements happening across the software development space and come up with solutions that provide an absolute control to organizations when it comes to developing software. “Checkmarx vision is to move beyond the barriers and limitation of traditional gated application software approaches and move to the new era where the organizations have the full visibility and control of their software exposure at any stage of their software development lifecycles,” concludes Benzaquen.
In an instance, Time Inc., a mass media corporation based in New York City, had to find an application security testing solution that would fit right in with the company’s existing development processes, tools, and be both scalable and dependable within its agile environment. After comprehensive research for the right solution, Checkmarx to streamline the company’s application security program, effectively enhance and secure the SDLC, and enable developers to implement static code analysis in their coding and QA process. Checkmarx CxSAST was quickly and easily deployed to Time Inc.’s incredibly dynamic development teams. Right from the beginning of the deployment, developers had the ease of use and enabled them to enhance their knowledge and understanding of code security. As a result, it allowed Time Inc. to reduce employee resources and time spent on code review. Security issues were handled at much earlier stages of the SDLC.
Checkmarx supports around 1,400 organizations across the globe to measure and manage software risk at the speed of DevOps. The company serves five of the world’s top 10 software vendors, four of the top American banks, and many government organizations and Fortune 500 enterprises, including SAP, Samsung, and salesforce.com. Envisioning the future, the company is committed to grow along with the various advancements happening across the software development space and come up with solutions that provide an absolute control to organizations when it comes to developing software. “Checkmarx vision is to move beyond the barriers and limitation of traditional gated application software approaches and move to the new era where the organizations have the full visibility and control of their software exposure at any stage of their software development lifecycles,” concludes Benzaquen.
Checkmarx News
“Custodela’s expertise in software security architecture and software development extends Checkmarx’s reach deeper into the DevSecOps program development and services space. The team’s methodologies will support and contribute towards Checkmarx’s mission to transform software security to help businesses fight software exposure and deliver secure software faster.”
The acquisition positions Checkmarx to uniquely empower CIOs and CISOs in accelerating the maturity of their DevSecOps programs with expert services for software security deployment and automation.
“While enabling organizations to develop software with more efficiency and speed, the DevOps process also dramatically expands risk through software exposure,” said Emmanuel Benzaquen, CEO, Checkmarx. “Custodela’s expertise in software security architecture and software development extends Checkmarx’s reach deeper into the DevSecOps program development and services space. The team’s methodologies will support and contribute towards Checkmarx’s mission to transform software security to help businesses fight software exposure and deliver secure software faster.”
According to Gartner, “DevSecOps, modern web application design and high-profile breaches are affecting the growing application security testing market. Security and risk management leaders will need to meet tighter deadlines and test more complex applications by integrating and automating AST in the software life cycle. … By 2019, more than 50% of enterprise DevOps initiatives will have incorporated application security testing (AST) for custom code, an increase from fewer than 10% today.”1
“Implementing automation into DevSecOps processes is a critical challenge for most organizations,” said Ken McDonald, CTO and co-founder, Custodela. “We are excited to join Checkmarx to help advance the automation capabilities in the Software Exposure Platform and deliver premium service offerings to help customers mature their software security programs.”
Only Checkmarx enables businesses to take a comprehensive, unified approach to managing software exposure at the speed of DevOps. Unlike siloed, gate-based application security approaches, Checkmarx gives organizations a more holistic, platform-centric approach where security is driven from a business context perspective and implemented effectively and continuously through automation. In turn, Checkmarx supports all stages of the software development lifecycle while bridging the gaps between senior management and business stakeholders, development, DevOps and operations.