In the News

Checkmarx and Specialist IT Consultancy Firm Ballintrae Team Up To Reduce Software Risks

13 Nov 2013 | By Sharon solomon

The companies will jointly work on Application Security.

(CBR) –November 14, 2013 – IT consultants Ballintrae and Checkmarx, an application security testing, have joined forces to reduce software risk.

With risk high on the boardroom agenda, it is hoped that the partnership will help financial services organisations minimise software risk when developing and upgrading internal and client-facing applications.

By working together Ballintrae and Checkmarx believe they can deliver secure applications avoiding glitches with new software applications or systems outages and failures which can cause inconvenience, huge financial losses and reputational damage.

Steve Street, director of innovation at Ballintrae, said: “With our industry knowledge and expertise, coupled with the highly innovative Checkmarx Suite, our clients will have confidence at boardroom level that risk has been substantially reduced.”

Rafi Bhonker, VP sales at Checkmarx, added: “We are looking forward to working with Ballintrae together to introduce innovative Application Security solutions to the UK and communicate the importance of integrating Source Code Analysis into the software development lifecycle.”

The companies will jointly work on Application Security.

(CBR) –November 14, 2013 – IT consultants Ballintrae and Checkmarx, an application security testing, have joined forces to reduce software risk.

With risk high on the boardroom agenda, it is hoped that the partnership will help financial services organisations minimise software risk when developing and upgrading internal and client-facing applications.

By working together Ballintrae and Checkmarx believe they can deliver secure applications avoiding glitches with new software applications or systems outages and failures which can cause inconvenience, huge financial losses and reputational damage.

Steve Street, director of innovation at Ballintrae, said: “With our industry knowledge and expertise, coupled with the highly innovative Checkmarx Suite, our clients will have confidence at boardroom level that risk has been substantially reduced.”

Rafi Bhonker, VP sales at Checkmarx, added: “We are looking forward to working with Ballintrae together to introduce innovative Application Security solutions to the UK and communicate the importance of integrating Source Code Analysis into the software development lifecycle.”


</close>

Security Innovation TeamMentor now Integrates with Checkmarx’s CxSuite

9 Oct 2013 | By Security Innovation & Checkmarx

Provides faster and better remediation guidance within the developers’ environment

Security Innovation, an authority in application security assessment and training, and Checkmarx, a leader in Application Security Testing, announce the seamless integration of TeamMentor with Checkmarx’s CxSuite Static Application Security Testing (SAST) tool.TeamMentor is the most comprehensive application security content management and guidance platform that offers remediation guidance, actionable security policy and secure software development knowledge. The latest release (v3.3.4) now adds new HMTL5 and Scala libraries as well as a library of vulnerability articles designed for integration with code scanners.The integration of Checkmarx’s CxSuite scan results with TeamMentor’s prescriptive security guidance helps users of CxSuite to more quickly identify and fix software vulnerabilities with clear and effective vulnerability remediation best practices that are mapped against static analysis findings.
“The Checkmarx SAST offers highly accurate results for our customers and is complemented by best fix location recommendations which significantly boosts productivity,” said Asaph Schulman, Director of Marketing at Checkmarx. “Coupling our best fix locations guidance with specific TeamMentor articles relevant to the particular findings can make a big difference in our users’ ability to effectively remediate their application security risks.”

The primary goal of this product integration is to provide Checkmarx users with quick and easy access to TeamMentor’s comprehensive security guidance that is accurate and relevant to specific code security questions. This reduces the number of security scan cycles that involve QA, Information Security or other teams, as well as the total number of vulnerabilities found by security scans and penetration tests. Integrating security scanning and guidance into a development workflow ultimately results in quicker production of more secure and stable applications
“Our vulnerability-specific guidance is structured in an expanding knowledge pathway,” said Ed Adams, Security Innovation CEO.” “Unlike other solutions such as Google, books, etc., TeamMentor avoids overwhelming the user with information. Instead, it progressively educates by allowing the user to quickly grasp important concepts and fix their code faster and more effectively.”
TeamMentor provides guidance from Checkmarx’s browser-based client as well as Checkmarx’s plugins for Visual Studio and Eclipse, allowing the developer to access security guidance right from their development environments.

Provides faster and better remediation guidance within the developers’ environment

Security Innovation, an authority in application security assessment and training, and Checkmarx, a leader in Application Security Testing, announce the seamless integration of TeamMentor with Checkmarx’s CxSuite Static Application Security Testing (SAST) tool.TeamMentor is the most comprehensive application security content management and guidance platform that offers remediation guidance, actionable security policy and secure software development knowledge. The latest release (v3.3.4) now adds new HMTL5 and Scala libraries as well as a library of vulnerability articles designed for integration with code scanners.The integration of Checkmarx’s CxSuite scan results with TeamMentor’s prescriptive security guidance helps users of CxSuite to more quickly identify and fix software vulnerabilities with clear and effective vulnerability remediation best practices that are mapped against static analysis findings.
“The Checkmarx SAST offers highly accurate results for our customers and is complemented by best fix location recommendations which significantly boosts productivity,” said Asaph Schulman, Director of Marketing at Checkmarx. “Coupling our best fix locations guidance with specific TeamMentor articles relevant to the particular findings can make a big difference in our users’ ability to effectively remediate their application security risks.”

The primary goal of this product integration is to provide Checkmarx users with quick and easy access to TeamMentor’s comprehensive security guidance that is accurate and relevant to specific code security questions. This reduces the number of security scan cycles that involve QA, Information Security or other teams, as well as the total number of vulnerabilities found by security scans and penetration tests. Integrating security scanning and guidance into a development workflow ultimately results in quicker production of more secure and stable applications
“Our vulnerability-specific guidance is structured in an expanding knowledge pathway,” said Ed Adams, Security Innovation CEO.” “Unlike other solutions such as Google, books, etc., TeamMentor avoids overwhelming the user with information. Instead, it progressively educates by allowing the user to quickly grasp important concepts and fix their code faster and more effectively.”
TeamMentor provides guidance from Checkmarx’s browser-based client as well as Checkmarx’s plugins for Visual Studio and Eclipse, allowing the developer to access security guidance right from their development environments.


</close>

CloudSpokes & Checkmarx Team Up to Secure Thurgood Software Development Tool

11 Jul 2013 | By Sharon Solomon

CloudSpokes, the leader in crowdsourced cloud development, today announced the availability of Thurgood, a new cloud-based tool to automatically analyze the build, quality and security of code. As more organizations turn to crowdsourced and outsourced developer talent, CloudSpokes’ Thurgood gives developers and businesses the insight to easily determine the stability of submitted code, quickly identify any risks, as well as ensure high quality software development.

recent report found enterprises that adopted a community development model versus a traditional, in-house model were 62 percent more successful. With more businesses turning to crowdsourced development, CloudSpokes’ Thurgood enables organizations to quickly determine the caliber and strength of any developers’ submitted code. With this level of visibility and accuracy, Thurgood offers organizations a new standard of authenticating and validating code, while enabling developers to immediately spot opportunities to improve their work.

“Crowdsourced development can seem like a Catch-22: developers can claim to develop specific software, but how do businesses ensure quality throughout the entire process?” said Mike Morris, General Manager, CloudSpokes. “Thurgood quickly eliminates this uncertainty and allows developers to submit code early and often to both the developer and business to easily determine the caliber of the code and make the necessary tweaks. As more businesses crowdsource software development, Thurgood ensures submitted code is consistent, complete and ready for business.”

Thurgood was developed by CloudSpokes and accepts all coding languages. The tool incorporates Cloudbees Jenkins Enterprise and Checkmarx security and vulnerability scans to provide automated quality and security review of submitted software development packages. Thurgood automatically configures code analysis tools depending on environments like code coverage, code formatting, unit test execution, bug detection and security analysis.

Once a developer submits code to Thurgood, the code is downloaded, generates the necessary build files and is committed to a git repository. The committed code is then scanned by Cloudbees and Checkmarx with the final results returned to the developer. Developers are able to see the entire submission and detailed partner feedback, eliminating the time previously needed to test code and creating code best practices. The Thurgood tool also provides the CloudSpokes team visibility into what community members are working on and their respective progress on challenges.

“Precautionary measures of secure coding are rapidly becoming a recognized necessity in the code development lifecycle,” said David Hyman, Vice President, SaaS Operations, Checkmarx. “CloudSpokes’ adoption of secure coding practice shows commitment to its customers and makes a clear statement that the community takes security seriously.”

Thurgood is implemented into CloudSpokes now. For more information on Thurgood, please see the demo or visit: https://www.cloudspokes.com/

About CloudSpokes
CloudSpokes is the leader in crowdsourced cloud development. The crowdsourcing marketplace matches companies who need development work with a worldwide community of more than 75,000 cloud experts. CloudSpokes’ developers compete for cash and recognition by participating in contests to create enterprise-class solutions. With proven proficiency using today’s leading public cloud platforms and languages, including Amazon Web Services, Cloud Foundry, Force.com, Heroku, HTML5, Ruby and Java, the CloudSpokes’ community depth and breadth of expertise and commitment to community software development is unrivaled. Founded in 2011, CloudSpokes was created and is operated by Appirio.

CloudSpokes, the leader in crowdsourced cloud development, today announced the availability of Thurgood, a new cloud-based tool to automatically analyze the build, quality and security of code. As more organizations turn to crowdsourced and outsourced developer talent, CloudSpokes’ Thurgood gives developers and businesses the insight to easily determine the stability of submitted code, quickly identify any risks, as well as ensure high quality software development.

recent report found enterprises that adopted a community development model versus a traditional, in-house model were 62 percent more successful. With more businesses turning to crowdsourced development, CloudSpokes’ Thurgood enables organizations to quickly determine the caliber and strength of any developers’ submitted code. With this level of visibility and accuracy, Thurgood offers organizations a new standard of authenticating and validating code, while enabling developers to immediately spot opportunities to improve their work.

“Crowdsourced development can seem like a Catch-22: developers can claim to develop specific software, but how do businesses ensure quality throughout the entire process?” said Mike Morris, General Manager, CloudSpokes. “Thurgood quickly eliminates this uncertainty and allows developers to submit code early and often to both the developer and business to easily determine the caliber of the code and make the necessary tweaks. As more businesses crowdsource software development, Thurgood ensures submitted code is consistent, complete and ready for business.”

Thurgood was developed by CloudSpokes and accepts all coding languages. The tool incorporates Cloudbees Jenkins Enterprise and Checkmarx security and vulnerability scans to provide automated quality and security review of submitted software development packages. Thurgood automatically configures code analysis tools depending on environments like code coverage, code formatting, unit test execution, bug detection and security analysis.

Once a developer submits code to Thurgood, the code is downloaded, generates the necessary build files and is committed to a git repository. The committed code is then scanned by Cloudbees and Checkmarx with the final results returned to the developer. Developers are able to see the entire submission and detailed partner feedback, eliminating the time previously needed to test code and creating code best practices. The Thurgood tool also provides the CloudSpokes team visibility into what community members are working on and their respective progress on challenges.

“Precautionary measures of secure coding are rapidly becoming a recognized necessity in the code development lifecycle,” said David Hyman, Vice President, SaaS Operations, Checkmarx. “CloudSpokes’ adoption of secure coding practice shows commitment to its customers and makes a clear statement that the community takes security seriously.”

Thurgood is implemented into CloudSpokes now. For more information on Thurgood, please see the demo or visit: https://www.cloudspokes.com/

About CloudSpokes
CloudSpokes is the leader in crowdsourced cloud development. The crowdsourcing marketplace matches companies who need development work with a worldwide community of more than 75,000 cloud experts. CloudSpokes’ developers compete for cash and recognition by participating in contests to create enterprise-class solutions. With proven proficiency using today’s leading public cloud platforms and languages, including Amazon Web Services, Cloud Foundry, Force.com, Heroku, HTML5, Ruby and Java, the CloudSpokes’ community depth and breadth of expertise and commitment to community software development is unrivaled. Founded in 2011, CloudSpokes was created and is operated by Appirio.


</close>

Checkmarx Announces Partnership with Deutsche Telekom to Offer a Software Security Solution

14 May 2013 | By Admin

The leader in Application Security Testing solutions, Checkmarx Ltd. is today announcing a partnership with Developer Garden, the Deutsche Telekom AG (DAX; DTE) ecosystem for developers.

“We are proud to announce the launch of this important and strategic partnership between Checkmarx and the Deutsche Telekom’s Developer Garden.  The partnership  provides developers with access to Checkmarx On Demand, the  most comprehensive resource for Secure Software in the cloud”, said David Hyman, VP SaaS Operations at Checkmarx.

Checkmarx’s static code analysis technology, named “Visionary” by Gartner, is the engine that powers up Developer Garden’s new service Code Analyzer. The tool enables software developers, to easily scan their code for security vulnerabilities, and handle them.

The leader in Application Security Testing solutions, Checkmarx Ltd. is today announcing a partnership with Developer Garden, the Deutsche Telekom AG (DAX; DTE) ecosystem for developers.

“We are proud to announce the launch of this important and strategic partnership between Checkmarx and the Deutsche Telekom’s Developer Garden.  The partnership  provides developers with access to Checkmarx On Demand, the  most comprehensive resource for Secure Software in the cloud”, said David Hyman, VP SaaS Operations at Checkmarx.

Checkmarx’s static code analysis technology, named “Visionary” by Gartner, is the engine that powers up Developer Garden’s new service Code Analyzer. The tool enables software developers, to easily scan their code for security vulnerabilities, and handle them.


</close>

Checkmarx & Eclipse Team Up to Promote Secure Coding

21 Feb 2013 | By Sharon Solomon

Press Release: Checkmarx – Wed, Feb 20, 2013 7:00 AM EST

TEL-AVIV, Israel, February 20, 2013 /PRNewswire/ –

Checkmarx is delighted to announce a new strategic partnership with the Eclipse Foundation.

Recognized as a pioneer and leader in the Open Source software development industry, Eclipse provides developers with an integrated development platform.  Today, Eclipse is used by millions of developers worldwide to provide a stable and secure development platform.

Checkmarx is well known as a leader and visionary for Static Application Security Testing (SAST) solutions.  With ability to scan all major coding languages, Checkmarx automatically identifies software vulnerabilities and measures the security risks in the source code.  The new On Demand solution uses a Checkmarx engine “in the cloud”; simply press scan and get results in minutes!

The Eclipse/Checkmarx integration works in a way that throughout any point in the development lifecycle, Eclipse users can simply click “Checkmarx Scan” from within the Eclipse platform and a security scan is carried out in real time.

“We’re excited about the launch of our partnership with Eclipse.  Many of our customers depend on Eclipse as a means for code development & quality…bringing code quality together with our On Demand model for code security delivers fantastic value and benefit to an already strong community of Eclipse developers. We look forward to working closer with the Eclipse community” said Maty Simon, Checkmarx Founder and CTO.

Eclipse Executive Director Mike Milinkovich added “Adding Checkmarx as an Eclipse member is a great win for the Eclipse community.  Having solutions in the Eclipse community that promote better ways to develop safe code will help our community. Checkmarx’s 2 month complimentary offer for Eclipse users will be a great way for people to try out their static analysis solution.”

As an exclusive offer for the Eclipse community, Checkmarx is granting All Eclipse users with a complimentary 2 month full service account.  Simply register and get started in minutes!

Press Release: Checkmarx – Wed, Feb 20, 2013 7:00 AM EST

TEL-AVIV, Israel, February 20, 2013 /PRNewswire/ –

Checkmarx is delighted to announce a new strategic partnership with the Eclipse Foundation.

Recognized as a pioneer and leader in the Open Source software development industry, Eclipse provides developers with an integrated development platform.  Today, Eclipse is used by millions of developers worldwide to provide a stable and secure development platform.

Checkmarx is well known as a leader and visionary for Static Application Security Testing (SAST) solutions.  With ability to scan all major coding languages, Checkmarx automatically identifies software vulnerabilities and measures the security risks in the source code.  The new On Demand solution uses a Checkmarx engine “in the cloud”; simply press scan and get results in minutes!

The Eclipse/Checkmarx integration works in a way that throughout any point in the development lifecycle, Eclipse users can simply click “Checkmarx Scan” from within the Eclipse platform and a security scan is carried out in real time.

“We’re excited about the launch of our partnership with Eclipse.  Many of our customers depend on Eclipse as a means for code development & quality…bringing code quality together with our On Demand model for code security delivers fantastic value and benefit to an already strong community of Eclipse developers. We look forward to working closer with the Eclipse community” said Maty Simon, Checkmarx Founder and CTO.

Eclipse Executive Director Mike Milinkovich added “Adding Checkmarx as an Eclipse member is a great win for the Eclipse community.  Having solutions in the Eclipse community that promote better ways to develop safe code will help our community. Checkmarx’s 2 month complimentary offer for Eclipse users will be a great way for people to try out their static analysis solution.”

As an exclusive offer for the Eclipse community, Checkmarx is granting All Eclipse users with a complimentary 2 month full service account.  Simply register and get started in minutes!


</close>

CloudShare Announces a Record Fiscal 2012

7 Feb 2013 | By Sharon Solomon

Increasing Demand for Development and Testing Services Fueled Record Revenues and New Customer Growth

SAN MATEO, CA–(Marketwire – Feb 7, 2013) – CloudShare, the leader in cloud services for pre-production, announced today a record fiscal 2012, achieving 3X growth in its development and testing services. With this growth, CloudShare’s customers now include 59 companies from the Fortune 100, and eight out of ten top system integrators. Noticeable figures in 2012 include over 400% growth in the number of multi-machine environments started, and over one million virtual machines created in CloudShare in 2012 alone.

“Our growth over the last year is the result of an increasing demand for cloud services for software development and testing, training, sales demos and POCs,” said Guri Stark, Chief Executive Officer of CloudShare. “The fastest growing segment for pre-production in the cloud right now is enterprise application development and testing. Our customers are focused on improving their application development processes, delivering new releases to market faster and at a higher quality. I’d like to personally thank all of our customers, partners and employees for an outstanding fiscal 2012 and I look forward to continued growth in 2013.”

One of the companies that adopted the CloudShare development and testing solution in the cloud is Checkmarx Ltd. Checkmark, the leading provider of comprehensive solutions for automated security code review, has deployed CloudShare’s solution to create build-and-test-labs in the cloud. CloudShare enables Checkmarx to extend their on-premise lab to the cloud to improve the collaboration between Checkmarx’s internal and external software testing teams.

“Checkmarx is investing heavily in improving the quality and performance of its tools and service. We are using internal and external resources to perform testing. Collaboration with external teams provides tremendous value, but can be challenging due to communication issues and access to resources,” said Emmanuel Benzaquen, Chief Executive Officer of Checkmarx. “CloudShare is becoming the extension of our lab, ensuring we can provide the latest builds to our external testers without risking our internal network. We also see improvements in the collaboration between our internal team and our outsourced QA, reducing time and increasing the value we get from the external testing team.”

To learn more about how CloudShare is integrated to the development and testing process, visit http://cloudshare.com/solutions/development-and-testing/overview.

About CloudShare
CloudShare offers the leading cloud solution focused on development and testing, training, and sales demos and POCs. CloudShare’s technology makes it easy for application professionals to work in the cloud, efficiently create multi-VM environments, collaborate with others, and deploy projects into production — no background in IT-infrastructure is required. CloudShare makes it easy to build and distribute simple and complex IT applications to anyone with an Internet connection.

About Checkmarx Ltd.
Checkmarx’s vision is to commoditized Static Application Security Testing (SAST) throughout the Software Development Lifecycle (SDLC) by promoting the use of cloud computing. Founded by experts in the fields of software and application security, Checkmarx has introduced a number of patented and patent-pending technologies which are revolutionizing the application security field.

 

Increasing Demand for Development and Testing Services Fueled Record Revenues and New Customer Growth

SAN MATEO, CA–(Marketwire – Feb 7, 2013) – CloudShare, the leader in cloud services for pre-production, announced today a record fiscal 2012, achieving 3X growth in its development and testing services. With this growth, CloudShare’s customers now include 59 companies from the Fortune 100, and eight out of ten top system integrators. Noticeable figures in 2012 include over 400% growth in the number of multi-machine environments started, and over one million virtual machines created in CloudShare in 2012 alone.

“Our growth over the last year is the result of an increasing demand for cloud services for software development and testing, training, sales demos and POCs,” said Guri Stark, Chief Executive Officer of CloudShare. “The fastest growing segment for pre-production in the cloud right now is enterprise application development and testing. Our customers are focused on improving their application development processes, delivering new releases to market faster and at a higher quality. I’d like to personally thank all of our customers, partners and employees for an outstanding fiscal 2012 and I look forward to continued growth in 2013.”

One of the companies that adopted the CloudShare development and testing solution in the cloud is Checkmarx Ltd. Checkmark, the leading provider of comprehensive solutions for automated security code review, has deployed CloudShare’s solution to create build-and-test-labs in the cloud. CloudShare enables Checkmarx to extend their on-premise lab to the cloud to improve the collaboration between Checkmarx’s internal and external software testing teams.

“Checkmarx is investing heavily in improving the quality and performance of its tools and service. We are using internal and external resources to perform testing. Collaboration with external teams provides tremendous value, but can be challenging due to communication issues and access to resources,” said Emmanuel Benzaquen, Chief Executive Officer of Checkmarx. “CloudShare is becoming the extension of our lab, ensuring we can provide the latest builds to our external testers without risking our internal network. We also see improvements in the collaboration between our internal team and our outsourced QA, reducing time and increasing the value we get from the external testing team.”

To learn more about how CloudShare is integrated to the development and testing process, visit http://cloudshare.com/solutions/development-and-testing/overview.

About CloudShare
CloudShare offers the leading cloud solution focused on development and testing, training, and sales demos and POCs. CloudShare’s technology makes it easy for application professionals to work in the cloud, efficiently create multi-VM environments, collaborate with others, and deploy projects into production — no background in IT-infrastructure is required. CloudShare makes it easy to build and distribute simple and complex IT applications to anyone with an Internet connection.

About Checkmarx Ltd.
Checkmarx’s vision is to commoditized Static Application Security Testing (SAST) throughout the Software Development Lifecycle (SDLC) by promoting the use of cloud computing. Founded by experts in the fields of software and application security, Checkmarx has introduced a number of patented and patent-pending technologies which are revolutionizing the application security field.

 


</close>

Cenzic Forms Strategic Alliance with Checkmarx

22 Aug 2012 | By Checkmarx

Cenzic Inc., the leading provider of web application security intelligence to reduce security risks, announced today a strategic alliance with Checkmarx Ltd., the leading provider of Static Application Security Testing (SAST) solutions. As part of the alliance, Cenzic will offer the entire Checkmarx Static Application Security Testing (SAST) product portfolio immediately and will begin integrating Checkmarx’s SAST offering with its own Cenzic Dynamic Application Security Testing (DAST)solution. The combined offering will help secure Web, Cloud and Mobile applications from inception to launch spanning the entire software development lifecycle.

According to recent research, over 90% of websites are susceptible to attack and hackers can easily exploit website vulnerabilities as has been evidenced in recent password breaches, bank intrusions and the like. From Cenzic’s own research, the bulk of the hacker attacks happen at the application layer, so the need for comprehensive testing solutions to detect vulnerabilities at the application layer is obvious.

Cenzic and Checkmarx’s strategic alliance provides companies with a single solution to proactively assess and correct security vulnerabilities in applications created for Web, Cloud and Mobile for small, medium and large enterprises. As with all technologies that Cenzic develops, customers will have a solution that delivers results that are more accurate than any competing solution with minimal false positives. Cenzic’s solutions also provide best-in-class comprehensive reporting features. Additionally, by leveraging Cenzic’s DAST technology, the solution helps companies automate the incredibly challenging task of conducting security assessments.

Most importantly, Cenzic and Checkmarx’s engineers are collaborating to combine both companies’ technologies to enable proactive security measures on the client and server side portions of mobile applications. The combined solution will uncover security vulnerabilities within the source code of mobile application and Cloud Web Service endpoints that store and serve data. This will be offered initially through Cenzic managed services mobile testing team and will be integrated into both Checkmarx and Cenzic product offerings starting in 2013. The combination of DAST and SAST testing for mobile applications will enable mobile application providers to proactively secure their mobile applications.

“Applications that exploit the nexus of Cloud, Social Media and Mobile application environments create new business opportunities, but also create challenges for organizations to stay ahead of constantly evolving advanced mobile threats. To address this, comprehensive security testing of mobile applications using both dynamic (DAST) and static (SAST) techniques is required,” said Neil MacDonald, vice president and Gartner fellow. “Further, all organizations with sensitive information being handled by applications—mobile or not—need to proactively assess the security of these applications using a combination of dynamic and static techniques.”

“Combining our SAST solution with Cenzic’s DAST offering will provide both of our customer bases with the best available option for uncovering and correcting security flaws in a wide range of applications—from the Web, to the Cloud to Mobile,” said Emmanuel Benzaquen, CEO of Checkmarx. “We are leveraging the strengths of both companies, who are the best-of-breed in SAST and DAST, to bring a truly game-changing solution to market that helps eliminate security risks for our collective customers.”


Read More »

Cenzic Inc., the leading provider of web application security intelligence to reduce security risks, announced today a strategic alliance with Checkmarx Ltd., the leading provider of Static Application Security Testing (SAST) solutions. As part of the alliance, Cenzic will offer the entire Checkmarx Static Application Security Testing (SAST) product portfolio immediately and will begin integrating Checkmarx’s SAST offering with its own Cenzic Dynamic Application Security Testing (DAST)solution. The combined offering will help secure Web, Cloud and Mobile applications from inception to launch spanning the entire software development lifecycle.

According to recent research, over 90% of websites are susceptible to attack and hackers can easily exploit website vulnerabilities as has been evidenced in recent password breaches, bank intrusions and the like. From Cenzic’s own research, the bulk of the hacker attacks happen at the application layer, so the need for comprehensive testing solutions to detect vulnerabilities at the application layer is obvious.

Cenzic and Checkmarx’s strategic alliance provides companies with a single solution to proactively assess and correct security vulnerabilities in applications created for Web, Cloud and Mobile for small, medium and large enterprises. As with all technologies that Cenzic develops, customers will have a solution that delivers results that are more accurate than any competing solution with minimal false positives. Cenzic’s solutions also provide best-in-class comprehensive reporting features. Additionally, by leveraging Cenzic’s DAST technology, the solution helps companies automate the incredibly challenging task of conducting security assessments.

Most importantly, Cenzic and Checkmarx’s engineers are collaborating to combine both companies’ technologies to enable proactive security measures on the client and server side portions of mobile applications. The combined solution will uncover security vulnerabilities within the source code of mobile application and Cloud Web Service endpoints that store and serve data. This will be offered initially through Cenzic managed services mobile testing team and will be integrated into both Checkmarx and Cenzic product offerings starting in 2013. The combination of DAST and SAST testing for mobile applications will enable mobile application providers to proactively secure their mobile applications.

“Applications that exploit the nexus of Cloud, Social Media and Mobile application environments create new business opportunities, but also create challenges for organizations to stay ahead of constantly evolving advanced mobile threats. To address this, comprehensive security testing of mobile applications using both dynamic (DAST) and static (SAST) techniques is required,” said Neil MacDonald, vice president and Gartner fellow. “Further, all organizations with sensitive information being handled by applications—mobile or not—need to proactively assess the security of these applications using a combination of dynamic and static techniques.”

“Combining our SAST solution with Cenzic’s DAST offering will provide both of our customer bases with the best available option for uncovering and correcting security flaws in a wide range of applications—from the Web, to the Cloud to Mobile,” said Emmanuel Benzaquen, CEO of Checkmarx. “We are leveraging the strengths of both companies, who are the best-of-breed in SAST and DAST, to bring a truly game-changing solution to market that helps eliminate security risks for our collective customers.”


</close>

Checkmarx Closes New Funding Round With Salesforce

10 Nov 2011 | By Sharon Solomon

October 11, 2011: Tel Aviv, Israel — Checkmarx Ltd., the leading provider of static application security testing (SAST) solutions, today announced it has completed a new round of funding led by original investor Ofer Hi-Tech (http://www.oferhitech.com) and joined by salesforce.com , (http://www.salesforce.com) the enterprise cloud computing company. The funds will be used to bolster product development as well as sales and marketing efforts to promote the Checkmarx cloud-based source code scanning service. 

Addressing the security and quality of software applications has always been an issue for enterprises. The proliferation of cloud, mobile and social networking has made security a paramount concern to platform providers and their users. Checkmarx solution enables customers to track throughout their Software Development Lifecycle (SDLC) whether their application code is following internal or external compliance requirements or is in accordance with the developing and hosting platform guidelines.

“Checkmarx has a compelling offering with a unique technology to address the real-time transformations we are witnessing in the cloud,” said Assif Stoffman, executive vice president at Ofer Hi-tech. “The team has demonstrated from day one a clear vision and a strong success record in turning SMBs and large corporation into recurring customers.”

“Secure coding and application quality have become essential disciplines in today’s threat-filled and performance-hungry environment,” said Emmanuel Benzaquen, Checkmarx CEO. “We are strongly committed to our platform partners’ proactive strategy to provide secure coding and quality practices to the entire cloud. This is fully in line with our goal of bringing our customers to the promised land of unbreachable applications.

” Today, Checkmarx supports leading programming languages and framework such as C#, Java, C/C++, VB6 and PHP, as well as platform languages and frameworks such as salesforce.com’s Apex and VisualForce. Checkmarx’s CxCloud generic cloud-based code scanning service is available to any developer or enterprise at: http://www.checkmarx.com.

Checkmarx was named a Cool Vendor by Gartner and singled out as the sole visionary player in Gartner’s Magic Quadrant for SAST in December 2010.

About Checkmarx Ltd. 

Checkmarx’s vision is to commoditized Static Application Security Testing (SAST) throughout the Software Development Lifecycle (SDLC) by promoting the use of cloud computing. Founded by experts in the fields of software and application security, Checkmarx has introduced a number of patented and patent-pending technologies which are revolutionizing the application security field.

For more information, visit http://www.checkmarx.com or call 1-917-470-9501.

October 11, 2011: Tel Aviv, Israel — Checkmarx Ltd., the leading provider of static application security testing (SAST) solutions, today announced it has completed a new round of funding led by original investor Ofer Hi-Tech (http://www.oferhitech.com) and joined by salesforce.com , (http://www.salesforce.com) the enterprise cloud computing company. The funds will be used to bolster product development as well as sales and marketing efforts to promote the Checkmarx cloud-based source code scanning service. 

Addressing the security and quality of software applications has always been an issue for enterprises. The proliferation of cloud, mobile and social networking has made security a paramount concern to platform providers and their users. Checkmarx solution enables customers to track throughout their Software Development Lifecycle (SDLC) whether their application code is following internal or external compliance requirements or is in accordance with the developing and hosting platform guidelines.

“Checkmarx has a compelling offering with a unique technology to address the real-time transformations we are witnessing in the cloud,” said Assif Stoffman, executive vice president at Ofer Hi-tech. “The team has demonstrated from day one a clear vision and a strong success record in turning SMBs and large corporation into recurring customers.”

“Secure coding and application quality have become essential disciplines in today’s threat-filled and performance-hungry environment,” said Emmanuel Benzaquen, Checkmarx CEO. “We are strongly committed to our platform partners’ proactive strategy to provide secure coding and quality practices to the entire cloud. This is fully in line with our goal of bringing our customers to the promised land of unbreachable applications.

” Today, Checkmarx supports leading programming languages and framework such as C#, Java, C/C++, VB6 and PHP, as well as platform languages and frameworks such as salesforce.com’s Apex and VisualForce. Checkmarx’s CxCloud generic cloud-based code scanning service is available to any developer or enterprise at: http://www.checkmarx.com.

Checkmarx was named a Cool Vendor by Gartner and singled out as the sole visionary player in Gartner’s Magic Quadrant for SAST in December 2010.

About Checkmarx Ltd. 

Checkmarx’s vision is to commoditized Static Application Security Testing (SAST) throughout the Software Development Lifecycle (SDLC) by promoting the use of cloud computing. Founded by experts in the fields of software and application security, Checkmarx has introduced a number of patented and patent-pending technologies which are revolutionizing the application security field.

For more information, visit http://www.checkmarx.com or call 1-917-470-9501.


</close>

Checkmarx Named Visionary in SAST Magic Quadrant

20 Dec 2010 | By Sharon Solomon

Tel Aviv, Israel and New York, NY, December 21, 2010 – Checkmarx, the leader in security code analysis, announced today its entrance in the “Visionaries” Quadrant in Gartner’s Magic Quadrant for Static Application Security Testing 2010 by Joseph Feiman and Neil MacDonald.  Earlier this year, Checkmarx was also named a “Cool Vendor” in Gartner’s Cool Vendors in Application Security, 2010 by Ray Wagner, Joseph Feiman, Neil MacDonald, John Pescatore and Earl Perkins.

“We feel that our position in the Visionaries Quadrant is a strong acknowledgement of our market-leading capabilities and innovative technology enabling our unique solution for cloud based platforms” said Emmanuel Benzaquen, CEO of Checkmarx. “We are ideally set to execute on our vision and our fast growing customer base is our signature as we enter a new era of application security. We are thrilled with Gartner recognition, which we believe is acknowledgement of our visionary approach both technologically and business wise”

Gartner writes:  

“As attacks have become more financially motivated, and as organizations have improved the security of their network, desktop and server infrastructures, there has been a shift to application level attacks. Static application security testing (SAST) is one of the technology markets aimed at securing applications.
SAST should be considered a mandatory requirement for all IT organizations that develop or procure applications. Even though the market has not reached maturity, enterprises must adopt SAST technologies and processes because the need is strategic.”

Checkmarx is the first code analysis company that can inspect and summarize application security risk quickly, non-intrusively and with tremendous accuracy.  Checkmarx innovates in ESI (Enterprise security intelligence), storing normalized models of scanned applications and results of its analyses in a persistent repository, thereby enabling customizable queries and impact analysis. Checkmarx created unique offering for the emerging cloud based software platform vendors. Salesforce.com is using it to analyze the application code that salesforce.com, its partners and its users upload to the platform. Addressing the security of cloud platforms is a growing area of concern and interest to cloud platform providers and their users.

Magic Quadrant Disclaimer

The Magic Quadrant is copyrighted 13.12.2010 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

 

Tel Aviv, Israel and New York, NY, December 21, 2010 – Checkmarx, the leader in security code analysis, announced today its entrance in the “Visionaries” Quadrant in Gartner’s Magic Quadrant for Static Application Security Testing 2010 by Joseph Feiman and Neil MacDonald.  Earlier this year, Checkmarx was also named a “Cool Vendor” in Gartner’s Cool Vendors in Application Security, 2010 by Ray Wagner, Joseph Feiman, Neil MacDonald, John Pescatore and Earl Perkins.

“We feel that our position in the Visionaries Quadrant is a strong acknowledgement of our market-leading capabilities and innovative technology enabling our unique solution for cloud based platforms” said Emmanuel Benzaquen, CEO of Checkmarx. “We are ideally set to execute on our vision and our fast growing customer base is our signature as we enter a new era of application security. We are thrilled with Gartner recognition, which we believe is acknowledgement of our visionary approach both technologically and business wise”

Gartner writes:  

“As attacks have become more financially motivated, and as organizations have improved the security of their network, desktop and server infrastructures, there has been a shift to application level attacks. Static application security testing (SAST) is one of the technology markets aimed at securing applications.
SAST should be considered a mandatory requirement for all IT organizations that develop or procure applications. Even though the market has not reached maturity, enterprises must adopt SAST technologies and processes because the need is strategic.”

Checkmarx is the first code analysis company that can inspect and summarize application security risk quickly, non-intrusively and with tremendous accuracy.  Checkmarx innovates in ESI (Enterprise security intelligence), storing normalized models of scanned applications and results of its analyses in a persistent repository, thereby enabling customizable queries and impact analysis. Checkmarx created unique offering for the emerging cloud based software platform vendors. Salesforce.com is using it to analyze the application code that salesforce.com, its partners and its users upload to the platform. Addressing the security of cloud platforms is a growing area of concern and interest to cloud platform providers and their users.

Magic Quadrant Disclaimer

The Magic Quadrant is copyrighted 13.12.2010 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

 


</close>

Checkmarx Named “Cool Vendor” by Gartner

21 Apr 2010 | By Admin

Checkmarx, the leading provider of static application security testing (SAST) solutions, has been included by Dr. Joseph Feiman as one of five "Cool Vendors" in the April 2010 “Cool Vendors in Application Security, 2010” report by Gartner, Inc. on 14 April 2010. Gartner defines a cool vendor as a company that offers technologies or solutions that are: Innovative, enable users to do things they couldn't do before; Impact-ful, have, or will have, business impact (not just technology for the sake of technology); Intriguing, have caught Gartner’s interest or curiosity in approximately the past six months.
Read More »

Checkmarx, the leading provider of static application security testing (SAST) solutions, has been included by Dr. Joseph Feiman as one of five “Cool Vendors” in the April 2010 “Cool Vendors in Application Security, 2010” report by Gartner, Inc. on 14 April 2010. Gartner defines a cool vendor as a company that offers technologies or solutions that are: Innovative, enable users to do things they couldn’t do before; Impact-ful, have, or will have, business impact (not just technology for the sake of technology); Intriguing, have caught Gartner’s interest or curiosity in approximately the past six months.

 


</close>