DEVOPSdigest

Checkmarx and Sysdig announced the integration of Sysdig Secure with Checkmarx One to help organizations prioritize critical risks and stay ahead of threats.

By delivering runtime insights from Sysdig within the cloud-native Checkmarx One™ Application Security Platform, joint users have clear visibility into workloads that are running in production, with context and information that can help reduce vulnerability noise up to 95% and boost developer productivity.

By pairing Sysdig, an end-to-end Cloud Native Application Protection Platform (CNAPP), with the Checkmarx One Application Security Platform, developers and security teams can eliminate data and people silos, prioritize true risks together, and make better-informed decisions that will ultimately improve security posture. The Checkmarx One platform is enabling better consolidation through open integrations with leading technology partners such as Sysdig. Adding runtime data is a necessary step in moving toward a “Shift Everywhere” approach to application security.

Both developer and security teams have come to expect insights from runtime that connect and provide context between environments. Using runtime insights from Sysdig, Checkmarx One users can:

- Understand how workloads behave: Untangle the complexities of running workloads, with clear visibility into which components and packages are actually loaded and running.

- Identify and manage security issues at the source: Address vulnerabilities with accurate, relevant, and actionable insight integrated throughout the software development life cycle (SDLC).

- Eliminate 95% of vulnerability noise based on in-use context: Access to runtime insights enables Checkmarx One users to improve their security posture while saving time by focusing on real risk.

- Accelerate the delivery of modern applications: Dramatically reduce the time to detect, prioritize, and remediate security issues to increase developer productivity and keep pace with rapid software delivery.

“Together, Checkmarx and Sysdig provide security across the entire cloud security life cycle, from application development to response. It’s well-known that Checkmarx is an innovator in enterprise-grade application security,” said Knox Anderson, Vice President of Product at Sysdig. “With Sysdig and Checkmarx paired together, users will be positioned to make better-informed decisions by understanding what is a real threat.”

“Alert fidelity and trust are critical success factors in the security of today’s modern applications. With the increase in application complexity, the volume of vulnerabilities increases with each aspect of the application. We need to make sure we have developers focused on what matters most,” said Ori Bendet, Vice President of Product Management at Checkmarx. “By using runtime insights from Sysdig, Checkmarx provides additional context and prioritization to the application risk-management capabilities within the Checkmarx One SaaS platform. This helps our customers prioritize the critical vulnerabilities, saving them countless hours each week and helping reduce AppSec risk and generating revenues from applications that are critical to their organizations’ business growth and cloud-based business operations.”