SI Secure

Checkmarx

The Next Generation of Source Code Security Analysis


“…CHECKMARX is among the top emerging security and business compliance companies to watch closely”
- IDC, “10 EMEA-based Security Startups to Watch”

The Need for Security Code Review

Application source code vulnerabilities cause the majority of IT attacks and violations. In an age of increased compliance and regulatory requirements, and a growing awareness among potential customers, software developers are working hard to implement best practices throughout the Software Development LifeCycle (SDLC), and discovering that reviewing source code is the most efficient application security method both financially and technically. Static analysis is an automated code review mechanism that allows development teams to scan their source code for programming errors, including those that lead to security vulnerabilities.

CxAudit - Your Source Code Investigator

CxAudit is the interactive query development and code analysis environment that risk managers use to create queries that enforce corporate best practices and regulatory compliance. CxAudit provides teams with the flexibility to develop in-house CxQL queries that can be distributed to the development team using CxDeveloper.

CxDeveloper - Security Experts in a Box

CxDeveloper is the most comprehensive and advanced Static Application Security Testing (SAST) solution. Its interactive environment displays defects unambiguously and accurately, and includes full source code highlighting, navigation and defect path analysis. CxDeveloper comes with hundreds of 'out of the box' queries to allow developers to run analyses on their security source code. The patented CxQL query language will follow a potential vulnerability from presentation back to root all the way through the code path to verify it before reporting a defect. The result is a virtual zero false-positive report rate, allowing for resources to be utilized in fixing true vulnerabilities.

CxViewer Summarizes Key Security Risk Information

CxViewer is the low-cost, read-only viewer used by team leaders and management to obtain audit results and review the vulnerabilities and attack patterns within the code base.

Checkmarx as Part of the Security Innovation Solution

One part of Security Innovation's end-to-end secure software development solution set is the Checkmarx suite of products and the technology that allows for the review of uncompiled code in order to discover vulnerabilities as early in the SDLC as possible and remediate them. Used in conjunction with Holodeck for dynamic analysis, TeamMentor for secure coding guidance and Security Innovation's celebrated training offerings, Checkmarx provides the functional piece that developers and risk managers need to ensure that their software is secure and free of known vulnerabilities.

Try CxDeveloper on Your Code - Free - For a Limited Time

Get a free source code scan of up to 10,000 lines of code. With virtually zero false-positives, this highly accurate tool is sure to surprise you if you are using other tools available in the market today. Call +1.978.694.1008, ext. 24 for details, or email.

What to Look for When Choosing a Source Code Analysis (SCA) Solution

Accurate and rapid results
Virtually zero false-positives
Valuable results for effective remediation
Low overhead and trouble-free deployment
Scanning near-compiling code
Coverage of Vulnerability Types
Configurable Queries
Scalability
Cost Effective
Usability

 
