Trust
Compliance and Certifications

Third Party Reviews
To demonstrate how Checkmarx protects customer data, we provide independent third-party reports to our customers. We regularly pass rigorous third-party compliance audits of our security, availability, processing integrity, confidentiality, and privacy controls.

ISO 27001:2013 Certified
Checkmarx has successfully obtained its certification to the International Organization for Standardization (ISO) 27001:2013 standard. This standard formally specifies an Information Security Management System (ISMS), a suite of activities concerning the management of information security risks. The ISMS is an overarching management framework that allows Checkmarx to identify, analyze, and address its information risks. The ISMS ensures that our security arrangements are fine-tuned to keep pace with changes to security threats, vulnerabilities, and business impacts. The certification is achieved through a systematic and rigorous external examination of an organization’s information security risk profile that takes into account any threats or vulnerabilities.

SSAE16 – SOC2 Type 2 Certified
Checkmarx is SOC2 Type 2 certified by EY. The SOC 2 report demonstrates Checkmarx’s continuous commitment to internal information security practices, policies, procedures, and operations by meeting or exceeding the AICPA standards for security, availability, and confidentiality.

FedRAMP compliant under Project HOST
Checkmarx has a certified installation on a Project Hosts environment to enable our FedRamp customers.

EU GDPR Compliant
Checkmarx has completed the GDPR readiness. See our Privacy Policy for more details.

CSA STAR LEVEL 1 CERTIFICATION
Checkmarx successfully completed CSA's STAR Level 1 security assessment for our cloud-based Checkmarx One™ Application Security Platform.