SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Story image
Checkmarx & Security Compass unite for enhanced threat modelling
Wed, 13th Mar 2024

Checkmarx, a cloud-native application security vendor, has unveiled its collaborative pact with SD Elements from Security Compass, another industry heavyweight in Security by Design. The pact aims to significantly enhance threat modelling capabilities across the entire software development life cycle (SDLC).

Through the integration of SD Elements, the Checkmarx enterprise application security platform, Checkmarx One, and Checkmarx SAST (Static Application Security Testing) will now be much more streamlined in their operations. Checkmarx One greatly enables both developers and security teams to fortify their applications from code all the way to the cloud, thus notably diminishing application security risks while simultaneously preserving efficient developer workflows.

The forthcoming synchronisation of SD Elements also paves the way for the practice of a "Security by Design" methodology, proffering continuous threat modelling that critically examines any and every code change and new feature incorporation. This means that throughout the threat model's entire lifecycle, from its initiation to its future updates, a dynamic and exhaustive evaluation is ensured.

Ori Bendet, the VP of Product Management at Checkmarx, commented on the importance of thorough threat modelling in current web application security circumstances: "Proaction and prevention are keys to secure applications today, which makes threat modelling a critical element. In order to ensure the success of threat modelling and application security, it’s essential that it be part of a seamless process." Bendet also stated that the team acknowledges the imperativeness of swift and contextual delivery of precise results, asserting that these integrations with Security Compass will enable "today's code-to-cloud development to be done in a more secure and highly efficient manner."

Trevor Young, Chief Product Officer at Security Compass, further emphasised the significance of the integration: "Integrating SD Elements with Checkmarx's robust application security solutions marks a significant milestone in our mission to embed security seamlessly into the development process. This partnership underscores our shared vision of making security an integral, uncompromising part of application development, ensuring that every software release is secure by design."

Joint customers of Checkmarx and Security Compass’ can look forward to benefits from this integration, including tailored threat modelling attuned to specific applications, technology, compliance mandates, and business contexts. Additionally, streamlined code scanning will ensure effective implementation of threat countermeasures, and compliance adherence will get a boost. Enhanced threat-model coverage across various software portfolios, made possible through integrating Checkmarx’ scanning results within popular integrated development environments (IDEs), and development workflows, is another major plus point.

The Checkmarx integration with SD Elements promises a seamless incorporation of threat modelling within teams as part of their development workflows. It also portrays a progressive approach towards application security in an increasingly dynamic technological landscape.