Team with one of our partners to get the most out of Checkmarx solutions.
CxSAST for Amazon Web Services
CxSAST hosted on an AWS environment, allows organizations to seamlessly connect to their development lifecycle with all the benefits of being hosted in the cloud. By leveraging CxSAST for AWS, organizations are able to perform Static Application Security Testing in the secure confines of a dedicated AWS hosted environment.
CloudBees, the enterprise software delivery company, provides the industry's leading DevOps technology platform. CloudBees enables developers to do what they do best: Build stuff that matters, while providing peace of mind to management with powerful risk mitigation, compliance and governance tools. As a ‘Premier Partner’ of Cloudbees’ Technical Alliance Partner Program (TAPP), Checkmarx is able to offer its customers, and the broader CloudBees and Jenkins communities, application security testing solutions that empower their shift to DevSecOps and bolster the delivery of more secure software at scale.
GitHub is the developer company. As the home to more than 50 million developers from across the globe, GitHub is where developers can create, share, and ship the best code possible. GitHub makes it easier to work together, solve challenging problems, and create the world’s most important technologies.
GitLab is a DevOps platform built from the ground up as a single application for all stages of the DevOps lifecycle enabling Product, Development, QA, Security, and Operations teams to work concurrently on the same project. GitLab provides a single data store, one user interface, and one permission model across the DevOps lifecycle. Checkmarx SAST, SCA, and Codebashing are directly integrated into GitLab’s CI/CD pipeline, allowing users to secure both custom and open source code with one, powerful solution. Driven by Checkmarx’s orchestration and automation module, GitLab users benefit from streamlined workflows via the elimination of time-consuming manual scans and the ability to find and fix vulnerabilities earlier in the SDLC.
Digital.ai is an industry-leading technology company dedicated to helping Global 5000 enterprises achieve digital transformation goals. Using value stream management as its cornerstone, Digital.ai combines innovative technologies in agile planning, application protection, software delivery, and artificial intelligence into a unified Value Stream Platform. Digital.ai makes it possible to connect software development and delivery efforts to strategic business outcomes and create secure digital experiences customers trust.
Rapid7 is a leading provider of security data and analytics solutions that enable organizations to implement an active, analytics-driven approach to cyber security. We combine our extensive experience in security data and analytics and deep insight into attacker behaviors and techniques to make sense of the wealth of data available to organizations about their IT environments and users. Our solutions empower organizations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks. Rapid7 is trusted by more than 4,150 organizations across 90 countries, including 34% of the Fortune 1000.
CircleCI is the world’s largest shared continuous integration and continuous delivery (CI/CD) platform, and the central hub where code moves from idea to delivery. As one of the most-used DevOps tools, CircleCI has unique access to data on how engineering teams work, and how their code runs. Companies like Intuit, Apple, Spotify, Tinder, and Twilio use CircleCI to improve engineering team productivity, release better products, and get to market faster.
ZeroNorth delivers risk-based vulnerability orchestration across applications and infrastructure. By orchestrating security scanning tools, including Checkmarx CxSAST, throughout the entire software lifecycle, ZeroNorth provides a comprehensive, continuous view of risk and reduces costs associated with managing disparate technologies. ZeroNorth empowers customers to rapidly scale application and infrastructure security, while integrating seamlessly into developer environments to simplify and verify remediation. For more information about ZeroNorth and our platform, visit www.zeronorth.io
Kondukto is a DevSecOps platform that embeds automated security tests in DevOps pipelines using various scanning tools, including Checkmarx CxSAST & CxSCA, and enables management of vulnerabilities discovered by different tools from a single platform. Starting with vulnerabilities discovered by Checkmarx at the earlier stages of the software development lifecycle, Kondukto allows users to have a holistic and correlated view of vulnerabilities discovered at all stages of software development.
Checkmarx and Code Dx have partnered up to offer customers a streamlined way to view the testing results for organizations using multiple static and dynamic Application Security Testing (AST) tools. Code Dx, which provides a robust suite of fast and affordable tools to help software developers and security analysts find, prioritize, and visualize software vulnerabilities, will now support the results from Checkmarx's Static Code Analysis tool. The partnership between Checkmarx and Code Dx is a powerful way for code auditors and security teams to ensure the security of their organization's applications, by rolling up Checkmarx results, along with results from other SAST tools, into one clear view. And with Checkmarx's graph visualization, fixing security issues has never been quicker or simpler.
ThreadFix Vulnerability Management by Denim Group
Checkmarx has partnered with Denim Group to offer a comprehensive view of your application security testing results, allowing organizations to eliminate software risk from the first stages of the Software Development Life Cycle (SDLC). By pairing Checkmarx CxSAST’s powerful static application security testing tool with Denim Group's ThreadFix dashboard tool, customers enjoy highly-accurate, consistent results paired with actionable insights via a user-friendly dashboard. Extending their coverage by leveraging the power of multiple application security testing tools enables customers to easily prioritize high-risk issues, cut down on false positives, and quickly distribute relevant security information to all application stakeholders.
Refactr is a radically simple DevSecOps automation platform that drives outcomes for cybersecurity and DevOps teams. Refactr’s cybersecurity-friendly drag-and-drop low-code pipeline builder and DevOps friendly features encourage disparate teams to collaborate on the same agile workflow process, both on-premise and in the cloud. Create repeatable pipelines, enable integrations with security solutions, and ensure organizations continuously automate in a safe and seamless manner. Refactr’s Checkmarx repeatable pipelines enable complex scanning processes and tie them into a larger pipeline process.
Checkmarx has teamed up with Onapsis to offer the most accurate and powerful platform to scan your entire codebase – including SAP applications and systems built on ABAP code. With applications at the core of any organization, Static Application Security Testing (SAST) solutions are one of the most effective ways of keeping them secure. The majority of organizations understand the need for remediating application vulnerabilities as early in the development process as possible.