Security Compass - Experts & Thought Leaders

Checkmarx, the pioneer in cloud-native application security, has announced an integration partnership with SD Elements from Security Compass, a pioneer in Security by Design. The integration enhances Checkmarx One, the industry-pioneering enterprise application security platform, and Checkmarx SAST by incorporating SD Elements to streamline and expand threat modeling capabilities across the software development life cycle (SDLC). Threat modeling Threat modeling is essential in identifying and mitigating potential security threats early in the development process. By integrating SD Elements, Checkmarx One empowers developers and security teams to secure applications from code to the cloud, significantly reducing application security risks while maintaining efficient developer workflows. "Security by Design" methodology "Security by Design" ensures a dynamic and comprehensive assessment of the threat model The integration with SD Elements facilitates a "Security by Design" methodology, enabling continuous threat modeling to scrutinise every code change and new feature addition. This ensures a dynamic and comprehensive assessment of the threat model throughout its lifecycle, from initial release to subsequent updates. Code-to-cloud development “Proaction and prevention are keys to secure applications, which makes threat modeling a critical element,” said Ori Bendet, VP of Product Management at Checkmarx. “To ensure the success of threat modeling and application security, it’s essential that it be part of a seamless process." "Because teams need the delivery of precise results to be fast and available in context, these integrations with Security Compass will enable today’s code-to-cloud development to be done in a more secure and highly efficient manner.” Robust application security solutions Trevor Young, Chief Product Officer at Security Compass, adds, "Integrating SD Elements with Checkmarx's robust application security solutions marks a significant milestone in our mission to embed security seamlessly into the development process." "This partnership underscores our shared vision of making security an integral, uncompromising part of application development, ensuring that every software release is secure by design." Partnership benefits The integrations between Checkmarx and Security Compass’ SD Elements offer customers: Tailored threat modeling that aligns with specific applications, technologies, compliance mandates, and business contexts. Streamlined code scanning to ensure the effective implementation of threat countermeasures and compliance adherence. Enhanced threat-model coverage across software portfolios through the integration of Checkmarx’s scanning results within popular integrated development environments (IDEs) and development workflows.

Checkmarx, the industry pioneer in cloud-native application security for the enterprise announced its Checkmarx Technology Partner programme, enabling organisations to easily extend the AppSec platform with a wide range of technology partner capabilities. Better security outcomes The combination of best-of-breed technology partners with the enterprise AppSec platform helps organisations shift everywhere, from code to cloud, with a unified AppSec posture integrated into the software development life cycle (SDLC). Checkmarx’s Technology Partner programme helps organisations simplify management across their AppSec programmes, get more value out of existing AppSec solutions, and drive better security outcomes. Software development lifecycle  Providing broad support for greater AppSec maturity throughout the entire SDLC, the Checkmarx Technology Partner programme enables partners and their customers to centralise and simplify discovery in these key areas through Checkmarx One: Vulnerability and risk management systems: Aggregate, normalise, and prioritise vulnerabilities and risks with a unified, holistic view with partners like ArmorCode, Brinqa, and ServiceNow. SDLC tools: Integrate AppSec at all stages of the software development lifecycle within the environments and tools used daily by analysts, developers, and testers with partners like GitLab, JetBrains, and Security Compass. Cloud and runtime security: Match cloud assets at runtime with application source code projects so that vulnerabilities found in the developer source code are enriched with runtime context and runtime cloud security inventories are enriched with AppSec findings, all possible through partners like AWS, Cisco Panoptica, and Sysdig. Emerging technologies: Work with the most innovative startups and technologies including AI and GenAI to shape tomorrow’s AppSec solutions landscape with partners like Mobb.ai. AI-driven, enterprise-ready AppSec platform Expanding this ecosystem simplifies the process of mitigating AppSec risk for our partners’ customers" “Expanding this ecosystem simplifies the process of mitigating AppSec risk for our partners’ customers, making their applications exponentially more secure during a time of escalating threats,” said Kobi Tzruya, Chief Research and Development Officer at Checkmarx. “From protecting AI-generated code to helping build trust between developers and security teams, Checkmarx One is already the AI-driven, enterprise-ready AppSec platform of choice." Streamlined, consolidated solutions "Now working with other pioneering technology companies to meet the need for streamlined, consolidated solutions will make life easier and applications safer for everyone.” Checkmarx recently announced Sysdig as its latest technology partner, bringing runtime container insights into Checkmarx One so organisations can prioritise vulnerabilities associated with container packages that are actually running and that pose the most risk.   Application security vendors The top application security vendors have a responsibility to team up to provide more robust and complete solutions" “The top application security vendors have a responsibility to team up to provide more robust and complete solutions for the world’s enterprises,” said Bryan Smoltz, VP of Technology Alliances at Sysdig. “By delivering runtime insights within Checkmarx One, customers have clear visibility into the workloads that are running in production so they can make better-informed security decisions. Together, we’re helping to bring maximum protection at cloud speed.” Readily accessible solutions Technology partners also benefit from the programme with new marketing and sales opportunities, and by making their solution readily accessible to Checkmarx’ more than 1,800 customers, including 60% of the Fortune 100. The Checkmarx One platform scans more than 100 billion lines of code monthly and its world-renowned Checkmarx Labs security research team provides ongoing threat intelligence to inform product development and to advise customers of their best defences in the current threat landscape.