Tag: Checkmarx
Checkmarx Adds Hybrid SAST Engine to Improve AppSec in AI Era
Checkmarx this week revealed it has re-engineered the core engines embedded within its static application security testing (SAST) tools for the agentic artificial intelligence (AI) era. At the core of that effort ...
Survey Surfaces Depth of DevSecOps Crisis in the Age of AI
A global survey of 2,350 developers, CISOs and application security managers published this week finds that while nearly all respondents (96%) work for organizations that have embedded or connected artificial intelligence (AI) ...
A Day with Developer Assist: Faster Fixes, Cleaner Commits
Security tools promise to help developers. In practice, many of them just relocate the burden. The vulnerability still needs to be understood, researched, and fixed, only now the developer is doing it ...
Agentic AI for Defense: How Checkmarx Turns Security into a Coding Partner
"AI-powered" has become the default label for every security tool on the market. But there's a meaningful difference between a tool that uses AI to generate alerts after the fact and one ...
Sophisticated Supply Chain Attack Targeting Trivy Expands to Checkmarx, LiteLLM
Jeff Burt | | AI (Artificial Intelligence), AI supply chain attacks, Aqua Security Trivy, Checkmarx, Cloud Security, credentials, exposed secrets, GitHub Actions, LiteLLM, microsoft, Palo Alto Networks, Sysdig, TeamPCPThe supply chain attack that compromised Aqua Security’s Trivy open source security vulnerability scanner and its associated GitHub Actions earlier this month continues to expand, with software development tools from Checkmarx and ...
Checkmarx Adds Orchestration Framework to DevSecOps Platform
Checkmarx this week revamped its DevSecOps platform to include an orchestration framework for managing tasks assigned to artificial intelligence (AI) agents. Additionally, the company has added two additional artificial intelligence (AI) agents ...
The AI Productivity Paradox: How Developer Throughput Can Stall
Software engineering leaders have invested heavily in generative AI coding assistants for over two years—and for good reason. For many teams, the productivity gains appear significant. I hear the same story in ...
Checkmarx Extends Vulnerability Detection to AI Coding Tool from AWS
Checkmarx this week revealed it has added support for the Kiro artificial intelligence (AI) coding tool provided by Amazon Web Services (AWS) to its Checkmarx Developer Assist that leverages AI to surface ...
60% of Code Is AI-Generated—Are We in Trouble?
Jonathan Rende, chief product officer at Checkmarx, tackle's one of the most urgent questions in AppSec right now: what happens when AI starts writing the majority of your software? With estimates that ...
DevSec Relationship Status: It’s Complicated (But Fixable)
Remember that plastic Fisher-Price Shape Sorter from when you were a kid, where you had to fit different-shaped colorful blocks into their matching slots? And that oddly satisfying moment when the green ...
Checkmarx Report Details Havoc Caused by ‘Everything’ Package on NPM Registry
A Checkmarx report details an 'Everything' package distributed via the NPM registry that cripples any machine used to download it ...
Checkmarx Surfaces Threat to GitHub Repositories
Checkmarx reported that malicious actors have been able to compromise GitHub's Dependabot, the free automated dependency management tool for software projects ...
