CodeSecure and FOSSA announced a strategic partnership and native product integration that enables organizations to eliminate security blindspots associated with both third party and open source code.
Checkmarx Announces AppSec Coach
September 19, 2016
Checkmarx announced availability of a new secure coding eLearning platform, called AppSec Coach, providing Checkmarx customers the ability to address one of the greatest challenges in the software industry when it comes to application security: finding an effective way to provide developers knowledge and skills to write secure code.
The new capability is a significant addition to the Checkmarx application security testing portfolio, which helps to sharpen the skills developers need to fix vulnerabilities and write secure code. This new add-on provides in-context, bite-sized secure coding training modules, available when and where the developer needs to fix the code. AppSec Coach, integrated within Checkmarx CxSAST source code analysis solutions, is the first of its kind for developer security education and the new offering strengthens the Checkmarx commitment to developer enablement.
Lack of developer secure coding skills and awareness is continuously named as one of the most significant challenges organizations face across all verticals. As reiterated in the SANS 2016 State of Application Security survey, developer education is seen as the most effective tool to enhance the application’s security state. However, that same survey shows that implementing effective and continuous education is still the top challenge for these same organizations.
Checkmarx AppSec Coach, integrated within CxSAST, is a fun and engaging approach to get developers the knowledge they need at the time and place they need it most. By providing in-context, interactive, bite-sized educational modules, AppSec Coach ensures developers are trained exactly on what they need, when they need it, without pulling them out of their daily work routine.
“Skills shortages will continue to be a problem as new technologies emerge,” says Johannes Ullrich, Ph.D, Dean of Research for the SANS Technology Institute. “Skills shortages have, historically, been a problem for almost all InfoSec disciplines. Organizations will need to continue to leverage training and education to develop their skill sets.”
“It's no secret that the ability to deliver secure applications eventually depends on the developer's ability to avoid the pitfalls a hacker would exploit,” says Nir Livni, VP of Products at Checkmarx. “Introducing AppSec Coach serves that exact purpose. AppSec Coach allows organizations to further shift left their remediation activities, and moreover, to write secure code to begin with. This will not only reduce development and remediation costs, but also reduce the overall time to market.”
Industry News
April 16, 2025
Bauplan, a Python-first serverless data platform that transforms complex infrastructure processes into a few lines of code over data lakes, announced its launch with $7.5 million in seed funding.
April 15, 2025
Perforce Software announced the launch of the Kafka Service Bundle, a new offering that provides enterprises with managed open source Apache Kafka at a fraction of the cost of traditional managed providers.
April 14, 2025
LambdaTest announced the launch of the HyperExecute MCP Server, an enhancement to its AI-native test orchestration platform, HyperExecute.
April 14, 2025
Cloudflare announced Workers VPC and Workers VPC Private Link, new solutions that enable developers to build secure, global cross-cloud applications on Cloudflare Workers.
April 14, 2025
Nutrient announced a significant expansion of its cloud-based services, as well as a series of updates to its SDK products, aimed at enhancing the developer experience by allowing developers to build, scale, and innovate with less friction.
April 10, 2025
Check Point® Software Technologies Ltd.(link is external) announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.
April 10, 2025
Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.
April 10, 2025
The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.
April 09, 2025
Backslash Security(link is external) announced significant adoption of the Backslash App Graph, the industry’s first dynamic digital twin for application code.
April 09, 2025
SmartBear launched API Hub for Test, a new capability within the company’s API Hub, powered by Swagger.
April 09, 2025
Akamai Technologies introduced App & API Protector Hybrid.
April 09, 2025
Veracode has been granted a United States patent for its generative artificial intelligence security tool, Veracode Fix.
April 09, 2025
Zesty announced that its automated Kubernetes optimization platform, Kompass, now includes full pod scaling capabilities, with the addition of Vertical Pod Autoscaler (VPA) alongside the existing Horizontal Pod Autoscaler (HPA).
April 08, 2025
Check Point® Software Technologies Ltd.(link is external) has emerged as a leading player in Attack Surface Management (ASM) with its acquisition of Cyberint, as highlighted in the recent GigaOm Radar report.
