Checkmarx Integrates Sysdig Runtime Insights for Faster Prioritization of Cloud-Native Application Vulnerabilities

Sysdig and Checkmarx integration provides a unified view of application vulnerabilities for security, development, and cloud teams

LAS VEGAS – Black Hat – (Aug. 8, 2023) – Checkmarx, the global leader in application security solutions, and Sysdig, the leader in cloud security powered by runtime insights, today announced the integration of Sysdig Secure with Checkmarx One to help organizations prioritize critical risks and stay ahead of threats. By delivering runtime insights from Sysdig within the cloud-native Checkmarx One™ Application Security Platform, joint users have clear visibility into workloads that are running in production, with context and information that can help reduce vulnerability noise up to 95% and boost developer productivity.

Security teams are outnumbered, and they must find ways to efficiently detect, investigate, and remediate risks in cloud-native applications. To date, cloud and application security have been fragmented. A lack of aggregation and correlation of data sets hidden across multiple tools results in decisions being made without context and teams moving even slower. Developers need context on what is actually running to prioritize the vulnerabilities to fix; without it, they are “flying blind” and attempting to triage a mountain of vulnerabilities, which ultimately slows them down.

By pairing Sysdig, an end-to-end Cloud Native Application Protection Platform (CNAPP), with the Checkmarx One Application Security Platform, developers and security teams can eliminate data and people silos, prioritize true risks together, and make better-informed decisions that will ultimately improve security posture. The Checkmarx One platform is enabling better consolidation through open integrations with leading technology partners such as Sysdig. Adding runtime data is a necessary step in moving toward a “Shift Everywhere” approach to application security.

Benefits of Checkmarx and Sysdig

Both developer and security teams have come to expect insights from runtime that connect and provide context between environments. Using runtime insights from Sysdig, Checkmarx One users can:

• Understand how workloads behave: Untangle the complexities of running workloads, with clear visibility into which components and packages are actually loaded and running.
• Identify and manage security issues at the source: Address vulnerabilities with accurate, relevant, and actionable insight integrated throughout the software development life cycle (SDLC).
• Eliminate 95% of vulnerability noise based on in-use context: Access to runtime insights enables Checkmarx One users to improve their security posture while saving time by focusing on real risk.
• Accelerate the delivery of modern applications: Dramatically reduce the time to detect, prioritize, and remediate security issues to increase developer productivity and keep pace with rapid software delivery.

What People are Saying

“Together, Checkmarx and Sysdig provide security across the entire cloud security life cycle, from application development to response. It’s well-known that Checkmarx is an innovator in enterprise-grade application security,” said Knox Anderson, Vice President of Product at Sysdig. “With Sysdig and Checkmarx paired together, users will be positioned to make better-informed decisions by understanding what is a real threat.”

“Alert fidelity and trust are critical success factors in the security of today’s modern applications. With the increase in application complexity, the volume of vulnerabilities increases with each aspect of the application. We need to make sure we have developers focused on what matters most,” said Ori Bendet, Vice President of Product Management at Checkmarx. “By using runtime insights from Sysdig, Checkmarx provides additional context and prioritization to the application risk-management capabilities within the Checkmarx One SaaS platform. This helps our customers prioritize the critical vulnerabilities, saving them countless hours each week and helping reduce AppSec risk and generating revenues from applications that are critical to their organizations’ business growth and cloud-based business operations.”

Resources

• Read the Sysdig blog, “Prioritize Vulnerabilities Faster with Checkmarx and Sysdig.”
• Join the Sysdig team at Black Hat booth 1350 and Checkmarx at booth 2540. Both companies will be visiting the other in booth throughout the event.

About Checkmarx

Checkmarx is the leading application security provider, offering the industry’s most comprehensive and innovative cloud-native platform, Checkmarx One™. Fueled by intelligence from our industry-leading AppSec security research team, our products and services enable enterprises to shift everywhere in order to secure every phase of development for every application while simultaneously balancing the dynamic needs of CISOs, security teams, and development teams. We are honored to serve more than 1,800 customers, including 60 percent of Fortune 100 organizations, and are committed to moving forward with an unwavering dedication to the safety and security of our customers and the applications that power our day-to-day lives. Checkmarx. Make Shift Happen.

Media Contacts

Sysdig Press
[email protected]

---