22 Aug 2012 | Cenzic Inc., the leading provider of web application security intelligence to reduce security risks, announced today a strategic alliance with Checkmarx Ltd., the leading provider of Static Application Security Testing (SAST) solutions. As part of the alliance, Cenzic will offer the entire Checkmarx Static Application Security Testing (SAST) product portfolio immediately and will begin integrating Checkmarx’s SAST offering with its own Cenzic Dynamic Application Security Testing (DAST)solution. The combined offering will help secure Web, Cloud and Mobile applications from inception to launch spanning the entire software development lifecycle.
According to recent research, over 90% of websites are susceptible to attack and hackers can easily exploit website vulnerabilities as has been evidenced in recent password breaches, bank intrusions and the like. From Cenzic’s own research, the bulk of the hacker attacks happen at the application layer, so the need for comprehensive testing solutions to detect vulnerabilities at the application layer is obvious.
Cenzic and Checkmarx’s strategic alliance provides companies with a single solution to proactively assess and correct security vulnerabilities in applications created for Web, Cloud and Mobile for small, medium and large enterprises. As with all technologies that Cenzic develops, customers will have a solution that delivers results that are more accurate than any competing solution with minimal false positives. Cenzic’s solutions also provide best-in-class comprehensive reporting features. Additionally, by leveraging Cenzic’s DAST technology, the solution helps companies automate the incredibly challenging task of conducting security assessments.
Most importantly, Cenzic and Checkmarx’s engineers are collaborating to combine both companies’ technologies to enable proactive security measures on the client and server side portions of mobile applications. The combined solution will uncover security vulnerabilities within the source code of mobile application and Cloud Web Service endpoints that store and serve data. This will be offered initially through Cenzic managed services mobile testing team and will be integrated into both Checkmarx and Cenzic product offerings starting in 2013. The combination of DAST and SAST testing for mobile applications will enable mobile application providers to proactively secure their mobile applications.
“Applications that exploit the nexus of Cloud, Social Media and Mobile application environments create new business opportunities, but also create challenges for organizations to stay ahead of constantly evolving advanced mobile threats. To address this, comprehensive security testing of mobile applications using both dynamic (DAST) and static (SAST) techniques is required,” said Neil MacDonald, vice president and Gartner fellow. “Further, all organizations with sensitive information being handled by applications—mobile or not—need to proactively assess the security of these applications using a combination of dynamic and static techniques.”
“Combining our SAST solution with Cenzic’s DAST offering will provide both of our customer bases with the best available option for uncovering and correcting security flaws in a wide range of applications—from the Web, to the Cloud to Mobile,” said Emmanuel Benzaquen, CEO of Checkmarx. “We are leveraging the strengths of both companies, who are the best-of-breed in SAST and DAST, to bring a truly game-changing solution to market that helps eliminate security risks for our collective customers.”
Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.
Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.