
CxSuite: Application Security Made Easy - Checkmarx


Checkmarx Suite® is the most powerful Source Code Analysis

CxSuite

categories, operating system (OS) platforms, programming languages and frameworks. By integrating into the Software Development Life Cycle (SDLC), Checkmarx’s automatic code review suite allows organizations to address the challenge of securing the code while cutting down on time and costs.

• The widest range of vulnerability checks
• Virtually zero false-positive results
• Hundreds of out-of-the-box security queries
• Integration into the SDLC
• Graphical representation of discovered vulnerabilities

Scan unbuilt code - without a compiler

The Virtual Compiler enables developers to test code anywhere, anytime, while avoiding problems of compiler and operating system compatibility. Developers can test uncompiled and unlinked code, their independent modules or any other application subsets in a true developer desktop deployment that reinforces good security awareness and practices as the code is written.

Visualization of vulnerabilities is the key to quick remediation of insecure code. The CxSuite presents all the path details that describe the vulnerability’s full anatomy.

A sophisticated patented engine locates and graphically presents a full attack path in the code for quick review.

of vulnerable lines of code for remediation.

CHECKMARX PATENTED VIRTUAL COMPILER

THE NEXT GENERATION OF CODE AUDITING

Only with Checkmarx can auditors test code at the earliest stages of the SDLC. Further, auditors can easily conduct spot checks without worrying about duplicating development environments. This is especially important for complex legacy applications where auditors can quickly inspect code with no setup.

IT’S ALL ABOUT ACCURACY

CxSuite IS DESIGNED FOR ACCURATE AND EFFECTIVE RESULTS:

Manage the Risks

SOURCE CODE ANALYSIS

CxSuite®

Checkmarx Ltd. • +1.917.470.9501 • www.checkmarx.com • [email protected]

Application Security Made Easy

Detailed reports help you visualize and prioritize your

Supported coding languages:


CAPABILITIES: DESCRIPTION AND ADVANTAGES

Extremely accurate: Virtually zero false-positives provide an

Patented Virtual Compiler: Scan unbuilt code—without a compiler

A: Each vulnerability attack path is fully presented for easy investigation

Next generation query language: An intuitive query language is available for tailoring checks to customer needs

Vulnerability coverage: Hundreds of out of the box security checks suited for every organization

Business logic vulnerability review: Unmatched capability of investigating

Coding practice enforcement: Customization of queries allows

User hierarchy support: Extensive user and privilege management capabilities

Results reporting & export: Full dashboard report for Projects, Tasks. Export to numerous formats: xml, csv, etc. Integration with ticketing systems

Multitier architecture: Manager server, multiple scan engines and click-once thin clients

OUT OF THE BOX VULNERABILITY QUERY SAMPLES:

• SQL Injection
• Cross-site scripting
• Code injection
• Parameter tampering
• Cross-site request forgery
• HTTP splitting
• Log forgery
• DoS
• Session poisoning
• Unhandled exceptions
• Unreleased resources
• Unvalidated input
• URL redirection attack
• Hardcoded password
• And more…

INDUSTRY VULNERABILITY CLASSIFICATION: OWASP Top 10, SANS 25, PCI, MITRE CWE

ABOUT CHECKMARX

Checkmarx is the leading provider for source code analysis. Founded in 2006, Checkmarx provides comprehensive solutions for automated security code review. Its technology is used by large corporations and small and medium-sized organizations across all industries. Checkmarx pioneered the concept of a query language-based solution for tracking technical and logical code vulnerabilities, and continues to bring new

hacker free world.

COUNTLESS SCALABILITY FEATURES FOR EFFECTIVE INTEGRATION INTO THE SDLC:

• Virtually unlimited project size
• Supports all major development languages from multiple OS platforms.
• Web services, websites and client-server based applications support
• Enforces coding practices and regulatory requirements (PCI, HIPAA, SOX, and more...)
• Hundreds of out of the box security checks and compliance standards

Investigate the Scans


Quickly identify the exact place in the code to eliminate each vulnerability.
