Checkmarx Scores Highest for DevOps/DevSecOps Use Case in 2020 Gartner Critical Capabilities for Application Security Testing Report

3 min.

May 7, 2020

NEW YORK & RAMAT GAN, ISRAEL – May 7, 2020 Checkmarx, the global leader in software security solutions for DevOps, today announced that it ranked highest for the DevOps/DevSecOps use case in the 2020 Gartner Critical Capabilities for Application Security Testing report. Checkmarx was also recently recognized as a Leader in the 2020 Gartner Magic Quadrant for Application Security Testing based on analyst research and named a 2019 Gartner Peer Insights Customers’ Choice for Application Security Testing based on customer reviews.

Gartner Critical Capabilities are “attributes that differentiate products and services in a class in terms of their quality and performance. Gartner recommends that users consider the set of critical capabilities as some of the most important criteria for acquisition decisions.”1

According to Gartner, “Gartner has observed the major driver in the evolution of the AST market is the need to support enterprise DevOps initiatives. Customers require offerings that provide high-assurance, high-value findings while not unnecessarily slowing down development efforts. Clients expect offerings to fit earlier in the development process, with testing often driven by developers rather than security specialists.”2

Checkmarx leads the industry in delivering automated security scanning as part of the DevOps process. A ‘best-fit’ for DevOps, the Checkmarx Software Security Platform integrates SAST, IAST, SCA, and developer application security awareness and training, enabling organizations to better manage their software security across the entire SDLC and release secure software faster. The solution is available on-premises, in the cloud, or for hybrid environments.

“Supporting the needs of enterprise DevOps and DevSecOps has always been a key focus for Checkmarx, and achieving the number-one ranking in this use case is a formidable vote of confidence for our approach to application security testing,” said Emmanuel Benzaquen, CEO, Checkmarx. “Checkmarx is committed to delivering rapid and accurate software security testing solutions that are increasingly integrated and automated throughout the SDLC to support modern software development.”

Checkmarx recently introduced a new orchestration module for its Software Security Platform, Checkmarx ‘Flow’ (CxFlow), providing more seamless implementation and automation of AST in modern development and DevOps environments. CxFlow enables automated scanning earlier in the code management process by integrating into source control management systems or CI/CD tools. Notably, CxFlow is the only solution from an AST provider that offers end-to-end automation from scanning to ticketing.

Additional Resources:

1 – Gartner, Critical Capabilities for Application Security Testing, Dale Gardner, Dionisio Zumerle, Mark Horvath, 27 April 2020

2 – Gartner, Magic Quadrant for Application Security Testing, Mark Horvath, Dionisio Zumerle, Dale Gardner, 29 April 2020

Gartner Disclaimers:

Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Checkmarx

Checkmarx is the global leader in software security solutions for modern enterprise software development. Checkmarx delivers the industry’s most comprehensive Software Security Platform that unifies with DevOps and provides static and interactive application security testing, software composition analysis, and developer AppSec awareness and training programs to reduce and remediate risk from software vulnerabilities. Checkmarx is trusted by more than 40 of the Fortune 100 companies and half of the Fortune 50, including leading organizations such as SAP, Samsung, and

Media Contacts

Cameron Martin

Public Relations Manager, Checkmarx


Jessica Bettencourt

InkHouse for Checkmarx


Read More

Want to learn more? Here are some additional pieces for you to read.