Checkmarx and AWS
Checkmarx & AWS
Better together: Checkmarx and AWS work together to improve the security of your applications in the cloud.
Overview
Source Code Scanning
Open Source Scanning
Secure Code Training
AWS Resources
Overview
Integrate. Automate. Accelerate.
The frictionless integration of Checkmarx Application Security Testing into AWS CodePipeline provides security analysis when teams need it most. Accelerate DevOps velocity by eliminating the need for time-consuming manual scan configurations with the Checkmarx Application Security Platform™ and AWS’s web-scale architecture and rapid infrastructure provisioning. Our best-in-class SAST and SCA solutions, along with Checkmarx Codebashing™, our AppSec awareness training, can run entirely in an AWS environment and integrate with your CI/CD tools, providing all the benefits of cloud hosting, seamless security analysis, and just-in-time learning for developers.Source Code Scanning
Source: AWS CodeCommit
Discover vulnerabilities during the coding stages of the SDLC before you push the code to branches. Shifting security scans left into development platforms allows developers to retrieve results from the last security analysis scan, bringing them directly within the IDE.
Build and Test: AWS CodeBuild
Automate security scans within AWS CodeBuild to discover vulnerabilities during your pipeline’s build and test phases before accepting merge or pull requests.
Open Source Scanning
SOURCE: AWS CODECOMMIT
When open source vulnerabilities are discoverable directly within the IDE, this shift left creates a frictionless development experience that saves developers time and companies money. Bring security scan results with targeted remediation recommendations into the coding stages of the SDLC before pushing the code to branches to reduce time to build and test.
Build and Test: AWS CodeBuild
Streamline and scale development by automating software composition analysis scans within AWS CodeBuild to fix security vulnerabilities, licensing requirements, and outdated libraries or packages before accepting merge or pull requests. View our integration documentation here.
Secure Code Training
Commit and Build Code Faster with Just-in-Time Learning for Developers
When run in conjunction with Checkmarx application security testing solutions, Checkmarx Codebashing™ lessons show developers how to fix vulnerabilities in security scans. In-app, gamified coding education is always in the developer’s language, automatically accessible via a direct link within security scan results. Get a free trial of Codebashing here.AWS Resources
Checkmarx Integrates with the AWS Software Development Toolchain
Monitor
AWS X-Ray
Monitor
Amazon CloudWatch
AWS CodePipeline
Source
AWS CodeCommit
Test
AWS CodeBuild and third-party solutions
Deploy
AWS CodeDeploy
Monitor
AWS X-Ray
Amazon CloudWatch
Codebashing
Checkmarx SAST & Checkmarx SCA
We provide integrated support for the AWS CodeStar services, allowing you to initiate Checkmarx AST scans from CodeBuild and CodePipeline for code stored in CodeCommit.
By leveraging our AST solutions for AWS, you can perform static code and open source analysis within the secure confines of your dedicated AWS software development environments.
Security Testing Solutions
You can purchase our portfolio of AST solutions through Amazon Marketplace Public and Private Offers.
DevOps Competency
Security Competency
Public Sector Partner
DevOps Competency
Accelerating the Speed of DevOps
When organizations use Checkmarx for AWS, security scans won’t slow down their DevOps initiatives. The integration of Checkmarx into optimized workflows ensures organizations achieve a robust DevSecOps deployment.Security Competency
Software Security, Shifted Left
Organizations using AWS and Checkmarx discover and remediate vulnerabilities early in the CI/CD pipeline, directly in the tools that developers already use. This automated, seamless developer workflow ensures that fixes are faster and your organization can still develop securely at scale.Public Sector Partner
Accelerating ATO and DevSecOps for the Public Sector
AWS recognizes Checkmarx as a solution primed to deliver “government, education, and nonprofit customer missions around the world.” We enable the public sector to rapidly develop citizen-facing and internal applications that are both compliant and secure. Learn more about how we enable government organizations to accelerate securely. Learn more about how Checkmarx enables government organizations to accelerate, securely.Other Checkmarx Offerings
Powered by AWS
Checkmarx Private Hosting Services
Reduce the burden on your internal teams and increase the security and reliability of your AppSec solutions by hosting our AST technology on secure, dedicated, single-tenant servers in the Amazon Cloud ecosystem.
Checkmarx AppSec Accelerator
Managed software security testing lets you offload your software security program onto our experts, allowing you to scale effectively and quickly.
Resources
Automating security across the SDLC with AppSec Accelerator