Checkmarx
Checkmarx is a static code analysis tool that will assist developers to identify security vulnerabilities prior to code being deployed to production.
- Determine the security posture for an application
- Support delivering security at scale
- Identify vulnerabilities sooner in the SDLC
- Accelerate time to remediation
Checkmarx scans source code (not compiled binaries) and creates a code graph, which it queries using CxQL.
- Queries are designed to be specific to each programming language and vulnerability type
- Supports 20+ languages and frameworks
- Results can be accessed via a web portal or via source control and CI integrations