New: The Forrester Wave™: Static Application Security Testing 2025 - Checkmarx Named Leader
Discover Why
New: The Forrester Wave™: Static Application Security Testing 2025 - Checkmarx Named Leader
Discover Why
Case Study Highlights
Checkmarx One helped Cebu Pacific streamline security, reduce vulnerability backlog, and expand secure development across the organization.
Cebu Pacific is a low-cost airline based in Pasay, Metro Manila. After using Checkmarx CxSAST on-premises, Cebu Pacific migrated to Checkmarx One to enhance AppSec agility, integrate with CI/CD pipelines, and scale security coverage. Today, Checkmarx One plays a vital role in the airline’s SSDLC and compliance efforts.
Industry
Aviation & Travel
Location
Manila, Philippines
Checkmarx Solutions & Services
Static Application Security Testing CI/CD Integration Checkmarx One
Reduced vulnerability density from 1.58 to 0.8 vulns/KLoC
Embedded security into CI/CD pipelines
Scaled AppSec from 10+ to over 100 users
The Need
Cebu Pacific needed a mature, scalable AppSec solution that seamlessly integrated into developer workflows and CI/CD pipelines, offered advanced reporting to prioritize remediation, and supported alignment with key compliance standards.
The Solution
Checkmarx One provided Cebu Pacific with a seamless transition from their on-premises CxSAST, to a holistic cloud-based platform with powerful SAST capabilities and advanced analytics.
The platform integrated smoothly into CI/CD pipelines and existing developer workflows, enabling early detection of vulnerabilities and more efficient remediation. Its user-friendly interface and improved licensing model helped drive developer adoption and scale security coverage across teams.
Additionally, Checkmarx One helped Cebu with alignment to compliance standards:
“Checkmarx helps us meet compliance and security standards in several ways. Since our main booking app involves payment processing, code scanning has been one of our key evidences to comply with PCI DSS requirements. By using Checkmarx One, we can regularly scan our code to identify and address vulnerabilities, ensuring that our application meets the stringent security requirements of PCI DSS.”
Bernadette Uycoque
Cybersecurity Operations Manager
The Results
Improved security posture, faster remediation, and full-scale adoption
Cebu Pacific significantly reduced its backlog of high-severity vulnerabilities and saw a drop in overall vulnerability density by nearly 50%. By onboarding over 100 contributing developers and linking applications to CI/CD workflows, the airline accelerated remediation efforts and strengthened its secure development lifecycle. Checkmarx One also helped the team align with internal governance and external compliance standards with continuous, automated scanning and clear reporting.
“Checkmarx has been a vital part of our secure development lifecycle, helping us reduce critical vulnerabilities, and scale AppSec across the organization.”
”Bernadette Uycoque
Cybersecurity Operations Manager, Cebu Pacific
Cebu Pacific is a low-cost airline based in Pasay, Metro Manila. After using Checkmarx CxSAST on-premises, Cebu Pacific migrated to Checkmarx One to enhance AppSec agility, integrate with CI/CD pipelines, and scale security coverage. Today, Checkmarx One plays a vital role in the airline’s SSDLC and compliance efforts.
Industry
Aviation & Travel
Location
Manila, Philippines
Checkmarx Solutions & Services
Static Application Security Testing CI/CD Integration Checkmarx One