|
|
|
Security analysis throughout the development life cycle
Checkmarx on Demand is a Software-as-a-Service (SaaS) solution that allows software security testing in near real-time with unprecedented accuracy. This automated, turnkey service offers an efficient way to test applications at any stage of the life cycle.
Checkmarx’s offering leverages the unique ability of the product to scan the source code itself at any stage of the development cycle using its innovative Virtual Compiler. The service covers many programming languages including all Java & .NET families as well as cloud based languages like Apex and Visual Force. The new on-demand service brings the unique ability to scan code fragments even uncompiled or linked, enabling security testing at early stages of the development cycle without any prior setup.
Checkmarx on Demand is comprised of two offerings:
• Security assessment – very quick end-to-end detection of all security vulnerabilities for any application. Delivery time is typically a few hours during business hours..
• Customized assessment –Detection queries are customized to corporate and platform standards. For example, corporate coding standards can be easily enforced from the cloud.
How does it work?
Capabilities and Benefits of Checkmarx on Demand platform for application risk intelligence:
Extremely accurate: Virtually zero false: positives provide an effective solution to include in SDLC
Patented Virtual Compiler: Scan any code fragment even non-compiled or linked
Attack flow visualization: Attack path is fully presented for easy investigation providing full flaw reasoning
Query language: An intuitive query language is available for tailoring checks to customer needs
Vulnerability coverage: Hundreds of out-of-the-box security checks
Business logic vulnerability review: Unmatched capability to investigate logical flaws that can lead to substantial business risk
|
|