Freely subscribe to our NEWSLETTER

Checkmarx, the industry in cloud-native application security for the enterprise, today released version 3.0 of its AI-powered Checkmarx One™ enterprise AppSec platform. Purpose-built for enterprise cloud development, Checkmarx One 3.0 dramatically improves the end-to-end developer experience while expanding the AI-driven security capabilities of the platform’s CheckAI Plug-in, its reporting and analytics capabilities and its Supply Chain Security solution.

"Checkmarx One is the AI-driven AppSec platform for today and for the future. Enterprise CISOs now see the strength of their application security as critical to their overall security postures," said Sandeep Johri, CEO at Checkmarx. "Leveraging the power of AI to protect the most complex enterprise applications is critical. Yet it’s also important to ensure that the platform is easy and rewarding for developers to use and offers the most robust defence possible against software supply chain attacks."

Checkmarx One Version 3.0 now offers:

· AI-Powered Application Security: The CheckAI Plugin for ChatGPT is joined by AI Query Builder for SAST, AI Query Builder for Infrastructure-as-Code (IaC) Security, and AI Security Champion to both secure changing developer workflows and make AppSec easier for overburdened enterprise AppSec teams.

· Seamless Developer Experience: Checkmarx One integrates easily into the most popular integrated development environments (IDEs) and feedback tools to increase adoption and help teams find and fix vulnerabilities swiftly. New features such as the presentation of the attack vector, linked directly to the line of code within the developer IDE, save substantial time for developers.

· Expanded Supply Chain Security Capabilities: In addition to the detection of malicious packages and the Checkmarx Supply Chain Threat Intelligence feed, Checkmarx One now includes a Secrets Detection Engine and Project Scorecard.

· Advanced API Security: Checkmarx One offers the industry’s most complete API Security solution, automating the discovery and testing of an organisation’s shadow APIs and expanding from pre-production to runtime.

· Consolidated, Simplified AppSec: Through integration of runtime insights from Sysdig as well as App Risk Management, Checkmarx One now consolidates vulnerabilities, risk ratings and prioritisation guidance across an organisation’s entire application portfolio. One comprehensive dashboard helps direct developers toward the riskiest application vulnerabilities first.

· Advanced Reporting and Analytics: An all-new reporting module elevates risk comprehension through sharper insights and drill-down analytics.

A screenshot of a computer Description automatically generated

Checkmarx One links the attack vector directly to the line of source code, showing developers the data coming into an application all the way to the sink.