Checkmarx Introduces Advanced Container Security, Delivering Up to 40% Vulnerability Reduction and Significant Efficiency Gains
05 Agosto 2024 - 6:00AM
Business Wire
Enhanced threat detection combines static
analysis with malicious package analysis and integrated Sysdig
runtime insights
With the enterprise increasingly challenged to speed application
deployment as the attack surface continually expands, Checkmarx,
the industry leader in cloud-native application security, has
introduced a powerful new Container Security solution. Offered as
part of its cloud-native Checkmarx One application security
(AppSec) platform, the new Container Security solution enhances
team efficiency while delivering early vulnerability
identification, actionable insights and streamlined mitigation
within familiar development processes and workflows.
Sysdig runtime insights are integrated within the Checkmarx One
platform to enhance threat detection by combining static analysis
with runtime monitoring. Checkmarx Container Security thus enables
more immediate, proactive response and mitigation strategies than
other solutions, as well as a complete view of container security,
leading to an improved security posture. In addition, in a
capability unique in the industry, Checkmarx Container Security
identifies and flags malicious packages, emphasizing the critical
risk they pose and provides runtime usage information, offering
insights into whether malicious packages are actively used in
running containers.
With Checkmarx Container Security, heads of development can
trust their teams are able to integrate security readily within
their familiar workflows. Developers and AppSec teams can make use
of a robust feature set that ensures a thorough and proactive
approach. Features include:
- Image Scanning and Breakdown: Multi-layered approach
analyzing each layer of an image to identify vulnerabilities and
potential threats. A granular view of each container image layer
helps pinpoint security issues.
- Package Inspection: Ensures packages within container
images meet security best practices.
- Vulnerability Assessment: Prioritizes vulnerabilities
based on severity with detailed information and remediation
guidance.
- Triage Risks: Manages the severity and status of
vulnerabilities with detailed audit trails.
- Base Image Remediation: Recommends alternative base
images with a lower security risk profile.
- Malicious Package Identification: Leverages a
proprietary database of more than 385,000 malicious packages
discovered by the Checkmarx security research team. Container
Security identifies and flags fully malicious packages as well as
those for which only certain versions are flagged as malicious,
alerting when packages are in active use in running
containers.
- Results View: Intuitive interface providing detailed
scan results and analysis.
- Scan Risk Report: Comprehensive reports summarizing scan
results, downloadable in various formats.
“As software development practices evolve, the attack surface
expands while attackers seize new opportunities to deploy new
exploit techniques,” said Kobi Tzruya, Chief Product Officer at
Checkmarx. “One customer, a cloud-based service provider, saw an
immediate impact in addressing significant, business-critical
security vulnerabilities with our Container Security solution.
Their key outcomes included a 40% reduction in critical
vulnerabilities and the elimination of over 200 hours in
remediation and management processes.”
To learn more about Checkmarx Container Security and Checkmarx
One, visit this page.
About Checkmarx
Checkmarx is the leader in application security and ensures that
enterprises worldwide can secure their application development from
code to cloud. Our consolidated platform and services balance the
dynamic needs of enterprises by improving security and reducing
TCO, while simultaneously building trust between AppSec,
developers, and CISOs. At Checkmarx, we believe it’s not just about
finding risk, but remediating it across the entire application
footprint and software supply chain with one seamless process for
all relevant stakeholders. We are honored to serve more than 1,800
customers, including 40 percent of all Fortune 100 companies.
Follow Checkmarx on LinkedIn, YouTube, and X.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240805844538/en/
Media Katie Brookes Merritt Group for Checkmarx
brookes@merrittgrp.com