- [PR] CloudSpokes & Checkmarx Team Up to Secure Thurgood Software Development Tool
Press Release- Checkmarx- Thu, Jul, 11 2013
CloudSpokes, the leader in crowdsourced cloud development, today announced the availability of Thurgood, a new cloud-based tool to automatically analyze the build, quality and security of code. As more organizations turn to crowdsourced and outsourced developer talent, CloudSpokes’ Thurgood gives developers and businesses the insight to easily determine the stability of submitted code, quickly identify any risks, as well as ensure high quality software development.
A recent report found enterprises that adopted a community development model versus a traditional, in-house model were 62 percent more successful. With more businesses turning to crowdsourced development, CloudSpokes’ Thurgood enables organizations to quickly determine the caliber and strength of any developers’ submitted code. With this level of visibility and accuracy, Thurgood offers organizations a new standard of authenticating and validating code, while enabling developers to immediately spot opportunities to improve their work.
“Crowdsourced development can seem like a Catch-22: developers can claim to develop specific software, but how do businesses ensure quality throughout the entire process?” said Mike Morris, General Manager, CloudSpokes. “Thurgood quickly eliminates this uncertainty and allows developers to submit code early and often to both the developer and business to easily determine the caliber of the code and make the necessary tweaks. As more businesses crowdsource software development, Thurgood ensures submitted code is consistent, complete and ready for business.”
Thurgood was developed by CloudSpokes and accepts all coding languages. The tool incorporates Cloudbees Jenkins Enterprise and Checkmarx security and vulnerability scans to provide automated quality and security review of submitted software development packages. Thurgood automatically configures code analysis tools depending on environments like code coverage, code formatting, unit test execution, bug detection and security analysis.
Once a developer submits code to Thurgood, the code is downloaded, generates the necessary build files and is committed to a git repository. The committed code is then scanned by Cloudbees and Checkmarx with the final results returned to the developer. Developers are able to see the entire submission and detailed partner feedback, eliminating the time previously needed to test code and creating code best practices. The Thurgood tool also provides the CloudSpokes team visibility into what community members are working on and their respective progress on challenges.
“Precautionary measures of secure coding are rapidly becoming a recognized necessity in the code development lifecycle,” said David Hyman, Vice President, SaaS Operations, Checkmarx. “CloudSpokes’ adoption of secure coding practice shows commitment to its customers and makes a clear statement that the community takes security seriously.”
CloudSpokes is the leader in crowdsourced cloud development. The crowdsourcing marketplace matches companies who need development work with a worldwide community of more than 75,000 cloud experts. CloudSpokes’ developers compete for cash and recognition by participating in contests to create enterprise-class solutions. With proven proficiency using today’s leading public cloud platforms and languages, including Amazon Web Services, Cloud Foundry, Force.com, Heroku, HTML5, Ruby and Java, the CloudSpokes’ community depth and breadth of expertise and commitment to community software development is unrivaled. Founded in 2011, CloudSpokes was created and is operated by Appirio.
View source here.
Sign up today & never miss an update from the Checkmarx blog
Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.
Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.