Checkmarx Named a Leader in Gartner Magic Quadrant for Application Security Testing
Software Exposure is the new unknown. But not for long.
Manage Software Exposure at the Speed of DevOps
Gartner Magic Quadrant for Application Security Testing, 2019
The Complete Guide to Developer Secure Coding Education
CISO of Brussels Airlines answers "Why Checkmarx?"
Checkmarx is pioneering Software Exposure
Cenzic Inc., the leading provider of web application security intelligence to reduce security risks, announced today a strategic alliance with Checkmarx Ltd., the leading provider of Static Application Security Testing (SAST) solutions. As part of the alliance, Cenzic will offer the entire Checkmarx Static Application Security Testing (SAST) product portfolio immediately and will begin integrating Checkmarx’s SAST offering with its own Cenzic Dynamic Application Security Testing (DAST)solution. The combined offering will help secure Web, Cloud and Mobile applications from inception to launch spanning the entire software development lifecycle.
According to recent research, over 90% of websites are susceptible to attack and hackers can easily exploit website vulnerabilities as has been evidenced in recent password breaches, bank intrusions and the like. From Cenzic’s own research, the bulk of the hacker attacks happen at the application layer, so the need for comprehensive testing solutions to detect vulnerabilities at the application layer is obvious.
Cenzic and Checkmarx’s strategic alliance provides companies with a single solution to proactively assess and correct security vulnerabilities in applications created for Web, Cloud and Mobile for small, medium and large enterprises. As with all technologies that Cenzic develops, customers will have a solution that delivers results that are more accurate than any competing solution with minimal false positives. Cenzic’s solutions also provide best-in-class comprehensive reporting features. Additionally, by leveraging Cenzic’s DAST technology, the solution helps companies automate the incredibly challenging task of conducting security assessments.
Most importantly, Cenzic and Checkmarx’s engineers are collaborating to combine both companies’ technologies to enable proactive security measures on the client and server side portions of mobile applications. The combined solution will uncover security vulnerabilities within the source code of mobile application and Cloud Web Service endpoints that store and serve data. This will be offered initially through Cenzic managed services mobile testing team and will be integrated into both Checkmarx and Cenzic product offerings starting in 2013. The combination of DAST and SAST testing for mobile applications will enable mobile application providers to proactively secure their mobile applications.
“Applications that exploit the nexus of Cloud, Social Media and Mobile application environments create new business opportunities, but also create challenges for organizations to stay ahead of constantly evolving advanced mobile threats. To address this, comprehensive security testing of mobile applications using both dynamic (DAST) and static (SAST) techniques is required,” said Neil MacDonald, vice president and Gartner fellow. “Further, all organizations with sensitive information being handled by applications—mobile or not—need to proactively assess the security of these applications using a combination of dynamic and static techniques.”
“Combining our SAST solution with Cenzic’s DAST offering will provide both of our customer bases with the best available option for uncovering and correcting security flaws in a wide range of applications—from the Web, to the Cloud to Mobile,” said Emmanuel Benzaquen, CEO of Checkmarx. “We are leveraging the strengths of both companies, who are the best-of-breed in SAST and DAST, to bring a truly game-changing solution to market that helps eliminate security risks for our collective customers.”
Read More »
October 11, 2011: Tel Aviv, Israel — Checkmarx Ltd., the leading provider of static application security testing (SAST) solutions, today announced it has completed a new round of funding led by original investor Ofer Hi-Tech (http://www.oferhitech.com) and joined by salesforce.com , (http://www.salesforce.com) the enterprise cloud computing company. The funds will be used to bolster product development as well as sales and marketing efforts to promote the Checkmarx cloud-based source code scanning service.
Addressing the security and quality of software applications has always been an issue for enterprises. The proliferation of cloud, mobile and social networking has made security a paramount concern to platform providers and their users. Checkmarx solution enables customers to track throughout their Software Development Lifecycle (SDLC) whether their application code is following internal or external compliance requirements or is in accordance with the developing and hosting platform guidelines.
“Checkmarx has a compelling offering with a unique technology to address the real-time transformations we are witnessing in the cloud,” said Assif Stoffman, executive vice president at Ofer Hi-tech. “The team has demonstrated from day one a clear vision and a strong success record in turning SMBs and large corporation into recurring customers.”
“Secure coding and application quality have become essential disciplines in today’s threat-filled and performance-hungry environment,” said Emmanuel Benzaquen, Checkmarx CEO. “We are strongly committed to our platform partners’ proactive strategy to provide secure coding and quality practices to the entire cloud. This is fully in line with our goal of bringing our customers to the promised land of unbreachable applications.
” Today, Checkmarx supports leading programming languages and framework such as C#, Java, C/C++, VB6 and PHP, as well as platform languages and frameworks such as salesforce.com’s Apex and VisualForce. Checkmarx’s CxCloud generic cloud-based code scanning service is available to any developer or enterprise at: http://www.checkmarx.com.
Checkmarx was named a Cool Vendor by Gartner and singled out as the sole visionary player in Gartner’s Magic Quadrant for SAST in December 2010.
About Checkmarx Ltd.
Checkmarx’s vision is to commoditized Static Application Security Testing (SAST) throughout the Software Development Lifecycle (SDLC) by promoting the use of cloud computing. Founded by experts in the fields of software and application security, Checkmarx has introduced a number of patented and patent-pending technologies which are revolutionizing the application security field.
For more information, visit http://www.checkmarx.com or call 1-917-470-9501.
Tel Aviv, Israel and New York, NY, December 21, 2010 – Checkmarx, the leader in security code analysis, announced today its entrance in the “Visionaries” Quadrant in Gartner’s Magic Quadrant for Static Application Security Testing 2010 by Joseph Feiman and Neil MacDonald. Earlier this year, Checkmarx was also named a “Cool Vendor” in Gartner’s Cool Vendors in Application Security, 2010 by Ray Wagner, Joseph Feiman, Neil MacDonald, John Pescatore and Earl Perkins.
“We feel that our position in the Visionaries Quadrant is a strong acknowledgement of our market-leading capabilities and innovative technology enabling our unique solution for cloud based platforms” said Emmanuel Benzaquen, CEO of Checkmarx. “We are ideally set to execute on our vision and our fast growing customer base is our signature as we enter a new era of application security. We are thrilled with Gartner recognition, which we believe is acknowledgement of our visionary approach both technologically and business wise”
“As attacks have become more financially motivated, and as organizations have improved the security of their network, desktop and server infrastructures, there has been a shift to application level attacks. Static application security testing (SAST) is one of the technology markets aimed at securing applications.
SAST should be considered a mandatory requirement for all IT organizations that develop or procure applications. Even though the market has not reached maturity, enterprises must adopt SAST technologies and processes because the need is strategic.”
Checkmarx is the first code analysis company that can inspect and summarize application security risk quickly, non-intrusively and with tremendous accuracy. Checkmarx innovates in ESI (Enterprise security intelligence), storing normalized models of scanned applications and results of its analyses in a persistent repository, thereby enabling customizable queries and impact analysis. Checkmarx created unique offering for the emerging cloud based software platform vendors. Salesforce.com is using it to analyze the application code that salesforce.com, its partners and its users upload to the platform. Addressing the security of cloud platforms is a growing area of concern and interest to cloud platform providers and their users.
Magic Quadrant Disclaimer
The Magic Quadrant is copyrighted 13.12.2010 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Checkmarx, the leading provider of static application security testing (SAST) solutions, has been included by Dr. Joseph Feiman as one of five "Cool Vendors" in the April 2010 “Cool Vendors in Application Security, 2010” report by Gartner, Inc. on 14 April 2010. Gartner defines a cool vendor as a company that offers technologies or solutions that are: Innovative, enable users to do things they couldn't do before; Impact-ful, have, or will have, business impact (not just technology for the sake of technology); Intriguing, have caught Gartner’s interest or curiosity in approximately the past six months. Read More »
Checkmarx, the leading provider of static application security testing (SAST) solutions, has been included by Dr. Joseph Feiman as one of five “Cool Vendors” in the April 2010 “Cool Vendors in Application Security, 2010” report by Gartner, Inc. on 14 April 2010. Gartner defines a cool vendor as a company that offers technologies or solutions that are: Innovative, enable users to do things they couldn’t do before; Impact-ful, have, or will have, business impact (not just technology for the sake of technology); Intriguing, have caught Gartner’s interest or curiosity in approximately the past six months.
Checkmarx, the leading provider of code analysis for security, today announced the general availability of a cloud-based security code review service.
Companies need to make secure coding a top priority regardless of size. Code analysis on demand provides an essential path. Rock-solid code is an enterprises best bet in a world full of cyber threats focused on application vulnerabilities, said Joseph Feiman, Gartner vice president.