Checkmarx, the industry leader in cloud-native application security for the enterprise, has released version 3.0 of its AI-powered Checkmarx One enterprise AppSec platform. 

Purpose-built for enterprise cloud development, Checkmarx One 3.0 dramatically improves the end-to-end developer experience while expanding the AI-driven security capabilities of the platform's CheckAI plug-in, its reporting and analytics capabilities and its Supply Chain Security solution.

“Checkmarx One is the AI-driven AppSec platform for today and for the future. Enterprise CISOs now see the strength of their application security as critical to their overall security postures,” says Sandeep Johri, chief executive officer at Checkmarx. 

“Leveraging the power of AI to protect the most complex enterprise applications is critical. Yet it’s also important to ensure that the platform is easy and rewarding for developers to use and offers the most robust defence possible against software supply chain attacks.”

Checkmarx One Version 3.0 now offers AI-powered application security. AI Query Builder joins the CheckAI plug-in for ChatGPT for SAST, AI Query Builder for Infrastructure-as-Code (IaC) Security, and AI Security Champion to both secure changing developer workflows and make AppSec easier for overburdened enterprise AppSec teams.

Checkmarx One integrates easily into the most popular integrated development environments (IDEs) and feedback tools to increase adoption and help teams find and fix vulnerabilities swiftly. New features, such as the presentation of the attack vector linked directly to the line of code within the developer IDE, save substantial time for developers.

In addition to detecting malicious packages and the Checkmarx Supply Chain Threat Intelligence feed, Checkmarx One now includes a Secrets Detection Engine and Project Scorecard.

Checkmarx One offers the industry’s most complete API Security solution, automating the discovery and testing of an organisation’s shadow APIs and expanding from pre-production to runtime.

By integrating runtime insights from Sysdig and App Risk Management, Checkmarx One now consolidates vulnerabilities, risk ratings and prioritisation guidance across an organisation's entire application portfolio. One comprehensive dashboard helps direct developers toward the riskiest application vulnerabilities first. 

The solution also has an all-new reporting module that elevates risk comprehension through sharper insights and drill-down analytics.

“Checkmarx One offers tremendous and measurable benefits for our customers, improving both application security and developer experience for a more seamless AppSec experience and faster time-to-market,” says Amit Daniel, chief marketing officer at Checkmarx. 

The company says its offerings secure every application's development phase, from the first line of code through production, while simultaneously balancing the dynamic needs of security and development teams. It has over 1,800 customers, including 60% of all Fortune 100 organisations.

“One Fortune 500 customer customised their AppSec solution, strengthened their AppSec skills with secure code training and created a security champions program to build a bridge between development and AppSec teams. All of this resulted in a 1600x increase in the number of vulnerabilities remediated for a significant boost to enterprise security.”