Checkmarx Announces New GitHub Action

 

Technical Partners

CxSAST for Amazon Web Services

CxSAST hosted on an AWS environment, allows organizations to seamlessly connect to their development lifecycle with all the benefits of being hosted in the cloud. By leveraging CxSAST for AWS, organizations are able to perform Static Application Security Testing in the secure confines of a dedicated AWS hosted environment.  
Read More >>

Cloudbees

CloudBees, the enterprise software delivery company, provides the industry's leading DevOps technology platform. CloudBees enables developers to do what they do best: Build stuff that matters, while providing peace of mind to management with powerful risk mitigation, compliance and governance tools. As a ‘Premier Partner’ of Cloudbees’ Technical Alliance Partner Program (TAPP), Checkmarx is able to offer its customers, and the broader CloudBees and Jenkins communities, application security testing solutions that empower their shift to DevSecOps and bolster the delivery of more secure software at scale. For more information about Cloudbees, visit here: https://www.cloudbees.com/.

GitHub

GitHub is the developer company. As the home to more than 50 million developers from across the globe, GitHub is where developers can create, share, and ship the best code possible. GitHub makes it easier to work together, solve challenging problems, and create the world’s most important technologies. For more information about GitHub, visit here: https://github.com/

GitLab

GitLab is a DevOps platform built from the ground up as a single application for all stages of the DevOps lifecycle enabling Product, Development, QA, Security, and Operations teams to work concurrently on the same project. GitLab provides a single data store, one user interface, and one permission model across the DevOps lifecycle. Checkmarx SAST, SCA, and Codebashing are directly integrated into GitLab’s CI/CD pipeline, allowing users to secure both custom and open source code with one, powerful solution. Driven by Checkmarx’s orchestration and automation module, GitLab users benefit from streamlined workflows via the elimination of time-consuming manual scans and the ability to find and fix vulnerabilities earlier in the SDLC. For more information about GitLab, visit here: https://about.gitlab.com/

Read More >>

Digital.ai

Digital.ai is an industry-leading technology company dedicated to helping Global 5000 enterprises achieve digital transformation goals. Using value stream management as its cornerstone, Digital.ai combines innovative technologies in agile planning, application protection, software delivery, and artificial intelligence into a unified Value Stream Platform. Digital.ai makes it possible to connect software development and delivery efforts to strategic business outcomes and create secure digital experiences customers trust. For more information about Digital.ai, visit here: https://digital.ai/

Rapid7

Rapid7 is a leading provider of security data and analytics solutions that enable organizations to implement an active, analytics-driven approach to cyber security. We combine our extensive experience in security data and analytics and deep insight into attacker behaviors and techniques to make sense of the wealth of data available to organizations about their IT environments and users. Our solutions empower organizations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks. Rapid7 is trusted by more than 4,150 organizations across 90 countries, including 34% of the Fortune 1000. To learn more about Rapid7 or get involved in our threat research, visit http://www.rapid7.com.

CircleCI

CircleCI is the world’s largest shared continuous integration and continuous delivery (CI/CD) platform, and the central hub where code moves from idea to delivery. As one of the most-used DevOps tools, CircleCI has unique access to data on how engineering teams work, and how their code runs. Companies like Intuit, Apple, Spotify, Tinder, and Twilio use CircleCI to improve engineering team productivity, release better products, and get to market faster.

ZeroNorth

ZeroNorth delivers risk-based vulnerability orchestration across applications and infrastructure. By orchestrating security scanning tools, including Checkmarx CxSAST, throughout the entire software lifecycle, ZeroNorth provides a comprehensive, continuous view of risk and reduces costs associated with managing disparate technologies. ZeroNorth empowers customers to rapidly scale application and infrastructure security, while integrating seamlessly into developer environments to simplify and verify remediation. For more information about ZeroNorth and our platform, visit www.zeronorth.io    

Kondukto

Kondukto is a DevSecOps platform that embeds automated security tests in DevOps pipelines using various scanning tools, including Checkmarx CxSAST & CxSCA, and enables management of vulnerabilities discovered by different tools from a single platform. Starting with vulnerabilities discovered by Checkmarx at the earlier stages of the software development lifecycle, Kondukto allows users to have a holistic and correlated view of vulnerabilities discovered at all stages of software development. Learn more at www.kondukto.io