Open Source Analysis: Security Testing

Prevent vulnerabilities such as OpenSSL Heartbleed, Bash ShellShock and many others from impacting your application's security posture.

It is almost impossible today to develop commercial software products without relying substantially on open source libraries and components. Over the past few years, we've seen tremendous growth in the number of software capabilities offered in open source libraries, as well as the number of open source libraries embedded in each software product. However, while using open source components has many benefits, it also requires companies to manage and control the open source components they use, as well as the adoption process itself, to avoid a variety of legal, technical, and security risks.

Checkmarx Open Source Analysis (OSA) allows organizations to manage, control and prevent the security risks and legal implications introduced by open source components used as part of the development effort.

Key Benefits

  • Centralized Application Security
    The only on-premise solution to deliver in-house code and open source components analysis "under the same roof."
  • Developer Adoption
    Checkmarx OSA is designed for developers, by developers, making it accessible and intuitive for its intended audience.
  • Best of Breed
    Wide language support and spot-on open source component risk detection with Checkmarx OSA.

Protect Your Full Code Portfolio and Operating Systems

By analyzing outdated libraries, making sure licenses are being honored, and weeding out any open source components that expose the application to known vulnerabilities, Checkmarx OSA provides complete code portfolio coverage under a single unified solution, with no extra installations or administration required. Rather than frustrating developers with long-winded lists within PDF documents, Checkmarx OSA provides developers with a single holistic view of their application portfolio under the same platform.

Fluent in All Common Languages

Checkmarx OSA supports all the most common programming languages, enabling organizations to secure all their open source components in addition to the in-house developed code analysis coverage.

Part of Your Development Lifecycle

Integrate Checkmarx OSA within your build environment and automatically enforce open source analysis as part of the SDLC. Analyze and manage the open source components being used while ensuring that vulnerable components are not part of your portfolio and are removed or replaced before they become a problem.

Easy to Use

Enhancing your code portfolio risk assessment coverage is merely a few mouse clicks away. With Checkmarx's Open Source Analysis, there is no need for additional installations or multiple management interfaces.

Simply turn it on and within minutes a detailed report is generated with clear results and detailed mitigation instructions.

Analysis results are designed with the developer in mind. No time is wasted trying to understand the action items required to mitigate the detected security or compliance risk.

Open Source Analysis

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked to your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.