Security Boulevard (Original)

Checkmarx Aligns With Wiz to Improve Application Security

Checkmarx this week announced it has integrated its platform for securing application development environments with the cloud-native application protection platform (CNAPP) provided by Wiz.

Ori Bendet, vice president of product management at Checkmarx, said the integration will make it simpler for organizations to identify the application security issues that arise while building and deploying applications and that need to be addressed in a production environment.

That’s critical because it’s simply not possible for application development teams to remediate every potential vulnerability before an application is deployed. Integrating a Checkmarx platform for discovering vulnerabilities will make it easier for cybersecurity teams to address application security issues using the capabilities provided by a CNAPP after an application is deployed, he noted.

Wiz last year added a platform that provides bi-directional integration between its CNAPP and third-party cybersecurity platforms. At the same time, Checkmarx has been integrating its platform with multiple CNAPPs.

Ultimately, the goal is to provide seamless integration to reduce the level of friction encountered as DevOps teams deploy applications that are destined to be secured using a CNAPP, noted Bendet.

CNAPP is a term coined by Gartner for platforms that aggregate two types of security platforms: cloud security posture management (CSPM) platforms, already used by many organizations to surface misconfigurations and other vulnerabilities that cybercriminals could potentially exploit, and cloud workload protection platforms (CWPP) that protect a workload either running on a virtual machine or encapsulated in a container.

Naturally, interest in CNAPPs has risen sharply as the number of workloads deployed in the cloud and concerns about the total cost of cybersecurity have increased. Many cybersecurity teams now view CNAPPs as a means to consolidate a range of capabilities provided today by individual products that are rapidly becoming features of a larger platform.

That approach to application security, in addition to pre-integrating multiple functions in ways that promise to make cybersecurity teams more efficient, also promises to reduce the total cost of cybersecurity. Most organizations also continue to be shorthanded in terms of cybersecurity expertise. One reason organizations don’t acquire another cybersecurity tool or platform is they don’t have anybody to manage it. The CNAPP provides a centralized approach to managing cybersecurity that is simpler to extend as additional capabilities are added.

It’s not clear how many of the vulnerabilities that might exist in application environments can be exploited, but with each passing day, cybercriminals are becoming more adept at discovering them. In many cases, it may only take a few minutes for them to compromise an application environment whenever they discover a vulnerability they previously exploited. The more aware cybersecurity teams are of those vulnerabilities, the better they can apply rules and policies to either prevent a breach or, at the very least, minimize the potential blast radius.

Ideally, cybersecurity and application development teams should work collaboratively to address application security challenges. In many instances, however, the best that can be hoped for is that each of these teams will, at the very least, make it simpler for everyone involved to complete the tasks they’ve been assigned.

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.
