The solution automates all Application Security Testing processes at each stage of the Software Development Lifecycle: from code writing to retirement and makes each of them more efficient.
- About the platform887.37 KB
- SAST443.85 KB
- IAST1 MB
- Codebashing671.48 KB
SW application security is as multilevel as all other challenges faced by players in the information security market. Software security should be guarded at each stage of its development – from design to retirement. Checkmarx as a SW integrated platform for application security testing makes all said processes automated and most efficient.
Today the Checkmarx platform consists of 4 modules that can be united and seamlessly embedded into SDLC and SI/CD processes. Each module is used at a certain stage of SW development to write a secure and high quality application.
VULNERABILITY MANAGEMENT STREAMLINING
The CxSAST module has unique technical capabilities allowing developers to reduce error correction time. It is a very simple and user friendly solution that does not require any extra costs for administration and provides flexible reporting tools.
APPLICATION MONITORING
The CxIAST module is designed for monitoring real time application testing process and capable to detect vulnerabilities in a running application under test. CxIAST is developed for flexible DevOps and CI/CD processes and requires no additional security testing costs which ensures considerable time savings for developers and testers. Unlike obsolete dynamic analysis solutions (DAST), CxIAST does not anyhow hinder the SW development life cycle and performs monitoring not scanning.
SECURE DEVELOPMENT TRAINING
The CxCodebashing module represents a new generation of professional interactive on-site secure development trainings. CxCodebashing is a set of interactive training courses that includes lessons on various types of vulnerabilities. Utilizing the cloud based system developers learn the sources and courses of various vulnerabilities, associated risks and remediation methods.
ANALYSIS OF OPEN SOURCE COMPONENTS
The CxOSA module is transparently embedded into the development cycle and performs constant monitoring of Open Source components detecting vulnerabilities and offering troubleshooting recommendations. Currently CxOSA is a module of the CxSAST analyzer due to which all data generated by these two solutions are provided in a single window.
The solution automates all Application Security Testing processes at each stage of the Software Development Lifecycle: from code writing to retirement and makes each of them more efficient.
Advantages
Comprehensive platform
Checkmarx is a 4 module software integrated platform designed to analyze application security
Over 25 languages
Checkmarx CxSAST support more than 25 coding and scripting languages, scenarios and frameworks
Complete vulnerability coverage
CxSAST is capable to detect hundreds of known code vulnerabilities
«Best Fix Location»
The Best Fix Location CxSAST static analysis algorithm allows for remediation of multiple vulnerabilities at a single point in the code
Real time monitoring
CxIAST detects vulnerabilities in running applications under test
Open Source Security
CxOSA detects Open Source components and issues remediation recommendations
Training
CxCodebashing provides on-site secure coding training
«Shift left»
Manages vulnerabilities at early development stages!
Minimum false positive rate
The Query Language technology allows for a fine tuning and is capable of detecting a vulnerability in a code and business logic errors