Checkmarx + Wiz: Advancing AppSec with Code to Cloud Integration

Securing applications and cloud environments has become paramount for enterprises worldwide. Checkmarx has integrated with Wiz to address this critical need. This partnership brings together Checkmarx’s expertise in application security with Wiz’s CNAPP solution, offering mutual customers a comprehensive approach to security from the first line of code to deployment and runtime in the cloud.

Embracing Code to Cloud is now much easier

There are three pillars leading this approach:

  • Streamlined security posture management – Integrating security into every stage of the development lifecycle, offering a unified view, automated risk analysis, and remediation guidance, enhancing overall security efficacy.
  • Enhanced collaboration and efficiency for development, security, and operations teams – Achieving clear communication through integrated workflows, and streamlined processes, by feeding developer teams right where they work with the information they need, when they need it most.
  • Combining AppSec and runtime for actionable insights and prioritized vulnerability remediation – Identifying Kubernetes clusters, container images, code repositories and mapping them to Checkmarx One applications and projects with runtime data to better risk management and prioritize critical vulnerabilities effectively.

Understanding the Integration

The integration between Checkmarx and Wiz helps deliver more actionable insights and prioritizes vulnerability remediation to our mutual customers. Checkmarx One correlates Wiz’s cloud asset inventory and network exposure findings, with application security results such as code repositories, and vulnerabilities. This provides organizations with the context needed to prioritize vulnerability remediation, based on what is actually exploitable in the running application. This approach reduces the noise generated by non-critical vulnerabilities by up to 90% and enables customers to focus their resources on addressing high-impact security issues.

This integration implements a “Shift Left, Shield Right” strategy, extending the Checkmarx One offering by adding runtime information to secure every stage of the Software Development Life Cycle (SDLC), facilitating collaboration between development and security teams. Developers can gain access to actionable security insights directly within their development environments (IDE), enabling them to address vulnerabilities early in the development process, and security teams can leverage runtime context and cloud asset inventory to provide developers with relevant security information and guidance. Ultimately, it accelerates the delivery of secure applications in a cloud-native environment.

How Checkmarx enriches AppSec findings with Wiz runtime insights

Let’s see this integration in action.

In the Risk Management tab, we are able to correlate all of the Checkmarx scanner information and see all the vulnerabilities and their types. We can directly tie them back to their project, and their associated user. Adding the runtime context, and internet-facing information from the Wiz integration enables us to add another piece of the puzzle and modify the risk level to reflect internet facing vulnerabilities as riskier and prioritize them more effectively. 

Runtime context allows us to understand whether vulnerabilities are exposed to the internet, which increases the risk of exploitation. Vulnerabilities that are exposed to the internet are prioritized due to their increased risk level. 

Let’s now look at the project level, where Checkmarx One connects all the dots. We are able to see all the building blocks of the project, code repos, and packages used within the project, including: when they were scanned, how many vulnerabilities they have, the risk level and the runtime context.  This allows us to better prioritize the risk and escalate it as needed.

The integration between Checkmarx and Wiz allows organizations to connect all the moving parts in the development life cycle from code to deployment, gaining visibility into vulnerabilities that are internet facing, and prioritize them efficiently. Organizations then can navigate the complexities of modern cloud environments securely, with streamlined security posture management, actionable insights, and enhanced collaboration, mutual customers can effectively mitigate risks and accelerate their cloud journey with confidence.

If you wish to start gathering runtime insights and see the magic happen Request a Demo, to get started.

The post Checkmarx + Wiz: Advancing AppSec with Code to Cloud Integration appeared first on

Article Link: Checkmarx + Wiz Code to Cloud Integration