
Datasheet

Checkmarx Static Application Security Testing (CxSAST)

Software Security is Now a Boardroom Issue

Today’s software-driven organizations thrive on developing, delivering, and deploying their own innovative applications to enhance their business offerings and better serve their customers.

However, in an increasingly complex world, securing the lines of code that make up these custom applications can be as challenging as it is important. As a result, some organizations are still either releasing code to production containing known organic vulnerabilities or waiting until they are ready to deploy to address security-related coding errors. A few years ago, this situation was less than ideal. Today, it’s no longer a viable option.

Organizations need a way to embed static application security testing (SAST) into their dev pipelines as seamlessly as possible, allowing their developers to scan their code earlier, more often, and more accurately. Building SAST integration and automation into existing dev tooling improves security and reduces testing delays. In modern application development, with already accelerated development windows, it’s crucial to remove anything slowing or stopping development teams from meeting their deadlines. Now, vulnerability detection and remediation during software development are must-haves.

As organizations adopt modern application development approaches like Agile and DevOps to ensure ever-more aggressive release cycles, security needs to be inseparable from software development, and a state-of-the-art SAST solution becomes a fundamental development requirement.

Checkmarx SAST’s Unique Values:


Advanced Automation: Tightly integrates with common software release orchestration and agile planning tools such as IDEs, build management servers, source code repositories, and bug tracking tools to automatically enforce security policies.

Find Vulnerabilities Sooner: CxSAST scans at the source code level and doesn’t require a complete build. There are no dependency configurations and no learning curve when switching languages.

Accelerate Time to Remediation: Allows developers to fix multiple vulnerabilities at a single point in the code using our unique “Best Fix Location” remediation guidance algorithm.

Better Together: CxSAST is at the heart of Checkmarx’s comprehensive suite of application security testing solutions. Cross-product synergies and integrations enable greater coverage, better results, and more intelligent prioritization and remediation.

The Right Choice for Agile and CI Teams: Unique incremental scanning capability analyzes only modified or newly introduced lines of code, reducing scan times by up to 80%, and integrating with CI servers to fully automate security testing.

Integrates with Your Workflow: CxSAST enables automated scanning earlier in the code management process by integrating directly into source code management (SCM) systems and CI/CD tools, providing end-to-end automation from scanning to ticketing.

Complete Understanding of Identified Vulnerabilities: With Checkmarx, you can view the reasoning and proof of all scan results to understand the root cause of vulnerabilities. You aren’t limited to the rules everyone else uses. Checkmarx Open Query language gives organizations complete control of the intellectual research behind CxSAST.

To meet this pressing need, Checkmarx developed the most innovative SAST solution on the market (CxSAST), deployed by some of the largest organizations in the world. CxSAST is an enterprise-grade application security testing solution that provides high-speed, fully-automated, flexible, and accurate static code analysis to identify security vulnerabilities in uncompiled custom code. With the flexibility to run full and incremental scans whenever they’re needed, SAST provides and delivers comprehensive vulnerability reports that are highly accurate and prioritized according to their severity, giving developers guidance on what they need to remediate first.

CxSAST supports a full list of coding and scripting languages and frameworks. Built by developers for developers, CxSAST has dramatically improved the security of software applications worldwide.

Supporting Coding Languages

Comply with Regulatory Standards


Standards and regulatory requirements such as PCI-DSS, HIPAA, FISMA, and others require organizations to test their code for common vulnerabilities like those found in the OWASP Top 10 and the SANS Top 25. CxSAST detects these issues and more. Plus, with our unique query language and adjustable queries, you can easily create your own security policy consisting of the vulnerabilities and software risks that are most important to your industry and organization.

Supported Standards

Flexible Deployment Options


CxSAST is available as a standalone product and can be effectively integrated throughout the Software Development Life Cycle (SDLC)
to streamline vulnerability detection and remediation. CxSAST can be deployed on-premises, in the cloud, or in hybrid environments.

Contact us for a Free Demo!

Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers while giving CISOs the confidence and control they need. As the AppSec testing leader, we provide the industry’s most comprehensive solutions, giving development and security teams unparalleled accuracy, coverage, visibility, and guidance to reduce risk across all components of modern software – including proprietary code, open source, APIs, and Infrastructure as code. Over 1,600 customers, including half of the Fortune 50, trust our security technology, expert research, and global services to securely optimize development at speed and scale. For more information, visit our website, check out our blog, or follow us on LinkedIn.

©2021 Checkmarx Ltd. All Rights Reserved.
