Checkmarx Launch CxSCA

This week, Checkmarx launched a new SaaS-based software composition analysis solution — SCA (CxSCA). Empowering security and development teams

Checkmarx Launch

Empowering security and development teams

Existing measures for securing open-source software consist of lengthy reports to outline vulnerabilities that are more often than not, riddled with inaccuracies. Understandably, this makes it hard for developers to know where best to allocate their time.

CxSCA leverages Checkmarx’s industry-leading source code analysis and automation capabilities by identifying vulnerabilities that pose the most risk within open-source software, thereby allowing developers to focus on remediation. CxSCA removes challenges associated with vulnerability detection through its unique automated triage functionality.

With industry-leading open source security risk awareness, visibility, and prioritisation measures, CxSCA increases efficiency for DevOps and AppSec teams.

CxSCA can be used independently or as part of a broader Checkmarx Software Security Platform — Static Application Security (SAST), Interactive Application Security Testing (IAST), and integrated developer AppSec training and awareness, giving development teams a single unified approach to managing their application security posture.

Coupled with Checkmarx SAST (CxSAST), users can benefit from the unified management of project creation and application security scans, including the ability to run automated scans in source code repositories such as GitHub, GitLab, and Bitbucket to name a few.

According to Gartner, “the combination of SAST and SCA can help deliver higher-fidelity results. The addition of SCA capabilities within an existing suite of testing tools can simplify installation, integration, administration, and maintenance.”

Additional capabilities

Additional CxSCA features include:

  • Extensive Database of Open Source Libraries and Vulnerabilities: Greater security and risk awareness above and beyond the National Vulnerability Database (NVD), even for those with no corresponding CVE at the time of discovery.
  • Seamless DevOps Integration: Easy integration with the entire SDLC offering to streamline developer workflows and expedite delivery timelines.
  • Scalability and Flexibility: The secure SaaS-based flexible deployment model, provides developers with scale and speed, leaving them to spend more time on developing secure software,  and less on managing infrastructures.

Try it today

CxSCA is available now. As partners of Checkmarx, we’re here to help. If you’d like to find out more, contact us by clicking the button below.

Atlasssian expert resources

Visit our blog for expert news and articles from the Atlassian world. On our resources page you will find recorded webinars, white papers, podcasts, videos and more.

The Software Blog

Read our blog for articles offering best practice advice written by Atlassian experts, as well as the latest news concerning your software.

Software White Papers and Guides

Dive deep into Atlassian software with our white papers and guides on individual tools, partner products, services, and best practices, written by the experts.

Expert Webinars

All of our webinars are pre-recorded and available to watch on-demand. Enjoy everything from partner features to application demos and updates from Atlassian experts.

Subscribe to our Newsletter

Subscribe to our Newsletter