Checkmarx introduces Application Security Posture Management and Cloud Insights

Powerful new capabilities reduce “noise” by more than 80% with consolidation, correlation, prioritization and risk management that leverage visibility from code to cloud, incorporating runtime insights directly from cloud providers.

  • Wednesday, 12th June 2024 Posted 1 month ago in by Phil Alsop

Checkmarx has released Checkmarx Application Security Posture Management (ASPM) and Cloud Insights to provide organizations with unmatched visibility into their application security posture stretching from code to cloud. Available on the Checkmarx One AppSec platform, ASPM and Cloud Insights empower enterprises developing cloud-native applications to dramatically reduce application and business risk by delivering end-to-end insights into their application security posture, helping them better correlate, prioritize and triage remediation efforts.

 “Developers and AppSec teams are looking to consolidate the vulnerabilities and insights they get from security scanners and tools so they can identify and work on what are truly the most important to remediate in order to prevent issues in cloud runtime. With the increase in complexity inherent with cloud-native applications, and the various solutions required to detect vulnerabilities in every aspect of the applications, development and application security teams are simply lost,” said Kobi Tzruya, Chief Product Officer at Checkmarx. “Checkmarx Cloud Insights revolutionizes the way that teams approach application security by bringing runtime context back into the development life cycle, where Checkmarx helps them prioritize. Now developers can focus on what matters most, allowing them to make the most effective remediation efforts in less time.”

Checkmarx ASPM correlates and prioritizes security signals from every application security solution in the enterprise development environment, to improve visibility, reduce risk and better manage overall application security posture. ASPM is built on Checkmarx’ award-winning Fusion correlation engine and Application Risk Management, which already extracted unique insights from our consolidated AppSec platform, such as identifying reachable vulnerabilities. It now adds a new capability to Bring Your Own Results (BYOR) to expand coverage beyond Checkmarx’ award-winning solutions by importing SARIF and OSCF results from any third-party solution, including those from Checkmarx partners such as Zimperium, Onapsis and others.

With Checkmarx Cloud Insights, developers and AppSec leaders benefit from:

· Correlation and integration of Checkmarx data with data from cloud service providers (CSPs) and cloud-native application protection platforms (CNAPP).

· New ways to prioritize remediation, including through open-source libraries called in the runtime environment (via integration with Sysdig) and by internet-facing network exposure when deployed in the cloud environment (through partnerships with Wiz and Amazon Web Services.) The information is integrated within Checkmarx Application Risk Management.

· The ability to track remediation of a vulnerability through the software development life cycle (SDLC) by way of the attack path. For example, if a vulnerability is found in a running application, Cloud Insights:

· Identifies the repository and the developer to speed the process of remediation

· Pinpoints the container image to verify that the fix is reflected there

· Lists the running container clusters to enable verification that the running application was rebooted with fixed images and is no longer in the running environment.

· Improved developer experience with the delivery of prioritized risk intelligence that focuses developers on remediating vulnerabilities that are most critical, are most at risk of exploitation or that represent the greatest risk.

"Checkmarx One is the leading enterprise application security platform. By opening it to third-party results, our joint customers can easily extend their coverage and get a unified view within Checkmarx ASPM. We’re excited to partner with Checkmarx, which brings Zimperium’s leading mobile security threat insights directly into the Checkmarx Application Security Posture Management (ASPM) platform,” said Nitin Bhatia, Chief Strategy Officer at Zimperium. “This collaboration empowers an organization to manage and secure their entire mobile application landscape more effectively, ensuring comprehensive protection against emerging threats."

Schneider Electric launches five new certifications

Posted 13 hours ago by Phil Alsop
EcoXpert partner program enables certified partners and valued customers to access to global skills development ecosystem for competency training...

A day of cutting-edge data storage insights

Posted 13 hours ago by Phil Alsop
Backup and data recovery trends, flash storage innovations, the use of cutting-edge AI in virtual machine environments and more were at the heart of...

Cubbit raises $12.5m

Posted 14 hours ago by Phil Alsop
LocalGlobe and ETF Partners co-led the $12.5M raise (approx. €11.6M or £10M).

Netscout expands IT observability

Posted 14 hours ago by Phil Alsop
New Business Edge Observability supports comprehensive performance management for networks, applications, and user experience to mitigate risk and...

Next-Gen MDR

Posted 1 day ago by Phil Alsop
MDR pioneer and validated leader delivers the fastest detection, investigation and response across all attack surfaces; service partners join in...
AI-powered features to provide forecasts and recommendations to future hosting cities.
ManagementStudio has introduced its Engage programme for channel partners to deliver to their customers. The Engage Assessment Programme enables...
New cloud, security, AI – integrated product innovations let the machines do the work to elevate human potential.