Checkmarx, a leading provider of cloud-native application security solutions for enterprises, has recently announced the release of Checkmarx Application Security Posture Management (ASPM) and Cloud Insights. These new offerings are designed to provide organizations with enhanced visibility into their application security posture, covering everything from the code to the cloud. Available on the Checkmarx One AppSec platform, ASPM and Cloud Insights aim to empower enterprises developing cloud-native applications to minimize application and business risks by offering comprehensive insights into their application security posture. This, in turn, enables them to correlate, prioritize, and address remediation efforts more efficiently.
Kobi Tzruya, Chief Product Officer at Checkmarx, emphasized the importance of consolidating vulnerabilities and insights obtained from security scanners and tools to identify and address the most critical issues. He highlighted the challenges posed by the increasing complexity of cloud-native applications and the multitude of solutions required to detect vulnerabilities. Tzruya believes that Checkmarx Cloud Insights provides a revolutionary approach to application security by reintroducing runtime context into the development lifecycle, where Checkmarx assists in prioritization efforts. This enables developers to focus on remedying the most crucial vulnerabilities, ultimately leading to more effective remediation efforts in less time.
Checkmarx ASPM is designed to correlate and prioritize security signals from various application security solutions within an enterprise’s development environment. By doing so, ASPM enhances visibility, reduces risk, and improves overall application security posture management. Leveraging Checkmarx’s award-winning Fusion correlation engine and Application Risk Management, ASPM already offers unique insights such as identifying reachable vulnerabilities. With the addition of the Bring Your Own Results (BYOR) capability, ASPM now extends its coverage beyond Checkmarx’s solutions by importing results from third-party tools like SARIF and OSCF from partners such as Zimperium and Onapsis.
Cloud Insights from Checkmarx delivers several key benefits to developers and AppSec leaders, including:
– Correlation and integration of Checkmarx data with information from cloud service providers and cloud-native application protection platforms.
– New methods for prioritizing remediation efforts, such as by analyzing open-source libraries and internet-facing network exposure in cloud environments.
– Tracking remediation progress through the software development lifecycle, pinpointing vulnerabilities, container images, and running container clusters for verification.
Furthermore, the collaboration between Checkmarx and Zimperium allows for the integration of Zimperium’s mobile security threat insights into the Checkmarx ASPM platform. This partnership enables organizations to effectively manage and secure their mobile application landscape, ensuring comprehensive protection against emerging threats.
In conclusion, Checkmarx continues to be a trusted partner for enterprises worldwide in securing their application development processes from code to cloud. By offering a consolidated platform and services that address the evolving needs of enterprises, Checkmarx enhances security measures, reduces total cost of ownership, and fosters trust between different stakeholders involved in application security. With a customer base of over 1,800 organizations, including 40% of the Fortune 100 companies, Checkmarx remains committed to providing seamless and comprehensive security solutions. For more information on the Checkmarx One platform, ASPM, and Cloud Insights, please visit their official website.
Follow Checkmarx on LinkedIn, YouTube, and Twitter/X for the latest updates and insights on application security.