New products from Checkmarx aim to improve code-to-cloud security visibility
Application security testing firm Checkmarx Ltd. today launched two new products, Checkmarx Application Security Posture Management and Cloud Insights, that are designed to help enterprises with code-to-cloud visibility and analysis of cloud-native application security risks.
Available as part of the Checkmarx One AppSec platform, APSM and Cloud Insights allow enterprises that are developing cloud-native applications to reduce application and business risk. The new services do so by delivering end-to-end insights into application security posture, allowing enterprises to better correlate, prioritize and triage remediation efforts.
Checkmarx ASPM correlates and prioritizes security signals from every application security solution in the enterprise development environment to improve visibility, reduce risk and better manage overall application security posture. The service is built on the Checkmarx Fusion correlation engine and Application Risk Management to extract unique insights from the company’s AppSec platform, such as identifying reachable vulnerabilities.
The second new service, Cloud Insights, offers developers and AppSec leaders correlation and integration of Checkmarx data with data from cloud service providers and cloud-native application protection platforms. The service provides new ways to prioritize remediation, including through open-source libraries called in the runtime environment — through integration with Sysdig — and by internet-facing network exposure when deployed in the cloud environment through partnerships with Wiz Inc. and Amazon Web Services Inc.
Cloud Insights also has the ability to track the remediation path of a vulnerability through the software development life cycle by way of the attack path. For example, if a vulnerability is found in a running application, it identifies the repository and the developer to speed the process of remediation. it also pinpoints the container image to verify that the fix is reflected there and lists the running container clusters to enable verification that the running application was rebooted with fixed images and is no longer in the running environment.
“With the increase in complexity inherent with cloud-native applications and the various solutions required to detect vulnerabilities in every aspect of the applications, development and application security teams are simply lost,” said Kobi Tzruya, chief product officer at Checkmarx. “Cloud Insights revolutionizes the way that teams approach application security by bringing runtime context back into the development life cycle, where Checkmarx helps them prioritize.”
Checkmarx is a venture capital-backed startup, having raised $98.5 million in venture capital funding over three rounds, according to Tracxn. Investors in the company include Insight Venture Partners LP, Salesforce Ventures LLC, TPG Global LLC, Franciso Partners Management LP and XT Hi Tech Investments Ltd.
Photo: Checkmarx
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU