FOR DEVELOPERS | Get a 1-month free trial of Developer Assist
Platform overview
Checkmarx One
Agentic AI
Checkmarx One Assist
AI-powered Agentic AppSec agents preventing and remediating threats autonomously.
Developer Assist
Developer-first AI agent for instant vulnerability prevention and fix.
Posture
ASPM
Unified visibility, control and prioritization across your entire AppSec posture.
PARTNERSHIPS & INTEGRATIONS
Partner Programs
Building stronger AppSec ecosystems through trusted partnerships.
Find a Partner
Discover certified partners to accelerate your AppSec journey.
SOLUTIONS FOR
Code
Supply Chain
Cloud
Services
Developer-first Al agent preventing and remediating vulnerabilities instantly in IDE.
Triage & Remediation
Resolve security findings as fast as development moves.
SAST
Market-leading, developer-friendly static application security testing and analysis
DAST
Developer tailored dynamic application scanning for efficient security issues remediation.
API Security
Enterprise scale API security scanning for early detection of critical vulnerabilities.
AI Supply Chain Security
Discover, assess, and govern AI components across your software supply chain – from LLMs and agent frameworks to MCP servers and datasets
SCA
Identify, prioritize, and remediate open-source vulnerabilities, malicious code, and license risks.
Malicious Package Protection
Reveal and eliminate malicious open-source packages using industry’s largest database.
Repository Health
Enhance security with full visibility into code repository health.
Software Supply Chain Security
Protect your entire software supply chain with industry-leading security across legacy, open source, and Al-generated code.
Container Security
Secure containerized applications across SDLC, from code to cloud runtime.
laC Security
Secure cloud infrastructure via advanced scanning and vulnerability detection.
Premium Support
Enhance security outcomes and ROl with proactive, expert technical support.
Premium Services
Accelerate AppSec program success while maintaining seamless developer experience.
Maturity Assessment
Assess your AppSec maturity and unlock actionable improvement steps.
Why Checkmarx
Customer Stories
Awards
Industry Recognition
Integrations
For the Public Sector
COMPARE CHECKMARX
vs. Snyk
vs. GitHub
vs. Veracode
vs. Fortify
vs. Black Duck
vs. Semgrep
vs. Wiz
vs. Endor Labs
RESEARCH
Checkmarx Zero
Research Blog
Disclosed Vulnerabilities
Open-Source Tools
Resources
Analyst Reports
Product Demos
Solution Briefs
Videos
Webinars
Whitepapers
LEARN
Blog
Documentation
Glossary
Knowledge Hub
Customer Enablement
The 2025 Gartner® Magic Quadrant™ for Application Security Testing
Read more
IDC MarketScape for ASPM 2025
The Forrester SAST Wave 2025
Checkmarx One Solution Brief
COMPANY
About Us
Brand Kit
Leadership
Press Releases
Newsroom
Events
Careers
PARTNERS
Partner Directory
Become a Partner
GET IN TOUCH
Support Portal
Contact Us
Case Study Highlights
Checkmarx One helped Cebu Pacific streamline security, reduce vulnerability backlog, and expand secure development across the organization.
Cebu Pacific is a low-cost airline based in Pasay, Metro Manila. After using Checkmarx CxSAST on-premises, Cebu Pacific migrated to Checkmarx One to enhance AppSec agility, integrate with CI/CD pipelines, and scale security coverage. Today, Checkmarx One plays a vital role in the airline’s SSDLC and compliance efforts.
Industry
Aviation & Travel
Location
Manila, Philippines
Checkmarx Solutions & Services
Reduced vulnerability density from 1.58 to 0.8 vulns/KLoC
Embedded security into CI/CD pipelines
Scaled AppSec from 10+ to over 100 users
The Need
Cebu Pacific needed a mature, scalable AppSec solution that seamlessly integrated into developer workflows and CI/CD pipelines, offered advanced reporting to prioritize remediation, and supported alignment with key compliance standards.
The Solution
Checkmarx One provided Cebu Pacific with a seamless transition from their on-premises CxSAST, to a holistic cloud-based platform with powerful SAST capabilities and advanced analytics.
The platform integrated smoothly into CI/CD pipelines and existing developer workflows, enabling early detection of vulnerabilities and more efficient remediation. Its user-friendly interface and improved licensing model helped drive developer adoption and scale security coverage across teams.
Additionally, Checkmarx One helped Cebu with alignment to compliance standards:
“Checkmarx helps us meet compliance and security standards in several ways. Since our main booking app involves payment processing, code scanning has been one of our key evidences to comply with PCI DSS requirements. By using Checkmarx One, we can regularly scan our code to identify and address vulnerabilities, ensuring that our application meets the stringent security requirements of PCI DSS.” Bernadette Uycoque Cybersecurity Operations Manager
The Results
Improved security posture, faster remediation, and full-scale adoption
Cebu Pacific significantly reduced its backlog of high-severity vulnerabilities and saw a drop in overall vulnerability density by nearly 50%. By onboarding over 100 contributing developers and linking applications to CI/CD workflows, the airline accelerated remediation efforts and strengthened its secure development lifecycle. Checkmarx One also helped the team align with internal governance and external compliance standards with continuous, automated scanning and clear reporting.
“Checkmarx has been a vital part of our secure development lifecycle, helping us reduce critical vulnerabilities, and scale AppSec across the organization.”
Bernadette Uycoque
Cybersecurity Operations Manager, Cebu Pacific
