DEVOPSdigest

Checkmarx announced a new generation in software supply chain security with its Secrets Detection and Repository Health solutions to minimize application risk.

Checkmarx software supply chain solutions are offered within the consolidated Checkmarx One enterprise application security platform. These new solutions, Repository Health and Secrets Detection, expand Checkmarx’ software supply chain security offering, joining Software Composition Analysis (SCA), Malicious Package Protection, AI Security and Container Security. Together, they secure every critical aspect of the enterprise software supply chain, equipping development and security teams to identify and mitigate risks at each stage of their software development lifecycle.

“The software supply chain is increasingly targeted by threat actors looking for new ways to breach the enterprise,” said Kobi Tzruya, Chief Product Officer at Checkmarx. “It’s complex and interdependent by nature with a huge variety of elements and potential entry points to secure. Checkmarx is expanding the capabilities of Checkmarx One to help organizations maximize supply chain security, reduce risk, and fully secure their application development on a single platform.”

Secrets Detection: Secrets are a natural byproduct of application development. Developers often “hard code” credentials to simplify iteration during coding and testing but may forget to remove them before moving the application into production. As the enterprise increasingly moves to the world of agile development, microservices, and cloud, the problem and its associated risk will only increase due to the ever-expanding number of services that will need to be collaborated on during the development phase. Checkmarx Secrets Detection reduces risk by quickly identifying sensitive credentials that may be exposed, enabling development and security teams to quickly remove discovered secrets. Part of the Checkmarx One platform, Secrets Detection accurately identifies more than 170 different types of secrets, including API keys, certificates, exposed credential, encryption keys, tokens, private URLs and other sensitive data.

Repository Health: Checkmarx’ Repository Health helps teams maximize the security posture of their software supply chain by continuously tracking health scores for all software repositories across the application footprint. Scoring is based on more than a dozen key factors in areas such as code quality, dependency management, CI/CD best practices, and project maintenance. Checkmarx One introduces 13 new automated checks covering critical areas such as binary artifacts, code reviews, CII best practices, packaging and continuous integration/continuous delivery (CI/CD) best practices, enabling developers and security leaders to maintain robust repository health. These checks range from searching for binary artifacts within the code to ensuring that best practices of secure development are being followed, such as checking for the completion of code reviews or fuzzing, along with automatic continuous integration (CI) checks.