Page 66 - CDM Cyber Warnings February 2014
P. 66
Static Code Analysis Solutions
Checkmarx is the developer of next generation Static Code •Unique patented Virtual Compiler technology enables
Analysis solutions which identify security vulnerabilities within scanning un-compiled and un-built source code which allows
an application's source code. Checkmarx provides the best way detecting vulnerabilities from the earliest stages of the software
for organizations to introduce security into their Software development cycle
Development Lifecycle (SDLC) which systematically eliminates •Full integration with the SDLC that enables security scans
software risk. The product enables developers and auditors to during any stage of development
easily scan an application's source code in all major coding •Available in both "On Premise" and "On Demand"
languages for the most prevalent security vulnerabilities as configurations
determined by OWASP Top 10, SANS, and other major
standards. Checkmarx's customers include hundreds of Fortune 500,
government and SMB organizations in over 30 countries.
Checkmarx is a highly flexible solution, that extends beyond the
realm of source code review and basic code analysis tools. Static About Checkmarx
Code Analysis is generic, in that it looks at, and searches for The growing dependence on software coupled with increased
patterns within, the file. In addition to identifying and locating exposure and usage of the Internet emphasize that software
the security patterns within an application�s source code, reliability is becoming increasingly critical to users. Software
Checkmarx can also be utilized to enforce various coding best developers are expected to rise to the challenge and deliver
practices. applications which are both safe and secure.
CxSuite's key advantages are: Checkmarx was founded in 2006 with the vision of providing
•Reducing the time the development team spends on security comprehensive solutions for automated security code review.
vulnerability fixing by up to 75% in comparison with first The company pioneered the concept of a query language-based
generation static code analysis solutions. solution for identifying technical and logical code vulnerabilities.
•Easy to use – less than one hour installation and immediate
ability to scan �The Best Product in Application Security for 2014� - CDM
CYBER DEFENSE MAGAZINE - ANNUAL EDITION 66