Checkmarx announced a new generation in software supply chain security with its Secrets Detection and Repository Health solutions to minimize application risk.
Checkmarx announced Fusion 2.0, with a new Application Risk Management module.
Application Risk Management consolidates vulnerabilities, risk ratings and prioritization guidance across an organization’s entire application portfolio into one comprehensive dashboard, making it easy to direct developers towards the riskiest applications.
Application Risk Management presents an overall application “risk score” to help prioritize the investment of resources, along with guidance on remediation.
Checkmarx Fusion correlates data across every AST solution on the Checkmarx One platform to prioritize the most critical vulnerabilities to fix first. Application Risk Management builds on Fusion’s correlation engine to consolidate and prioritize risks not just within an application, but now across the entire application portfolio. This enables AppSec teams to focus on reducing the most significant risks across their application portfolios and quickly direct developers to the most critical vulnerabilities in the riskiest applications while improving the developer experience.
“As enterprises rapidly expand cloud-native development efforts, the complexity of software continues to increase,” said Sandeep Johri, CEO at Checkmarx. “The increase in complexity has led directly to an overall increase in software vulnerabilities. This results in alert fatigue for AppSec teams and poor developer experience, which poses a real threat to organizations’ ability to identify and remediate important vulnerabilities. With the new Application Risk Management module powered by Fusion 2.0, AppSec teams can easily identify the most serious business risks across their applications and quickly engage and focus their development teams on the most important issues to solve.”
The new Checkmarx Fusion 2.0 with Application Risk Management offers:
- Unified risk analysis: Presents intelligent unified risk analysis across business applications, focusing on the most important and exploitable vulnerabilities.
- Efficient management and prioritization of vulnerabilities: Users can manage and prioritize vulnerabilities efficiently in a consolidated view of security risks across the entire application portfolio.
- Guidance on assigning and resolving security issues: Offers centralized guidance on addressing a range of security issues across the application portfolio.
- Vulnerability Tracing: Users can trace when vulnerabilities were first introduced into the application.
- Unaddressed Critical Risk Timer: Provides valuable insights into the elapsed time during which a particular critical risk has not been addressed.
“There is a mindset change in the application security industry. It’s no longer about trying to find every vulnerability and hoping for the best,” said Kobi Tzruya, Chief R&D Officer at Checkmarx. “Enterprises today need help in understanding where to focus. With Fusion 2.0, they can immediately understand that with a list of top vulnerabilities out of the many that our solutions find.”