Integration speeds remediation by 99% while preserving optimized developer workflows
ATLANTA, Nov. 2, 2023 /PRNewswire/ — Checkmarx, the industry leader in cloud-native application security for the enterprise, announced today an integration with Mobb, the trusted automated vulnerability fixer, to streamline application security testing and remediation within familiar developer workflows. Checkmarx customers can now deploy Mobb’s auto-remediation solution for vulnerabilities identified during scans with Checkmarx SAST. This new capability represents an expansion of Checkmarx’ auto-remediation offerings for SCA (software composition analysis) and IaC (infrastructure-as-code) Security.
The Mobb integration with Checkmarx significantly reduces time-to-remediation from nearly five hours to five minutes, on average, simplifying the process in two primary ways:
- Checkmarx’ industry-leading SAST solution is highly tuned for accuracy and prioritizes findings to minimize the noise that enters the development workflow. Developers can trust that alerts are genuinely exploitable problems and be guided to fix the most critical vulnerabilities first.
- Mobb’s AI engine leverages heuristics to perform auto-remediation of vulnerabilities identified by Checkmarx in just a few clicks. Developers are freed from reviewing scan reports to search for fixes and fix locations, allowing them to focus on innovation.
“Mobb and Checkmarx share a vision of the vital nature of application security at a time when code drives every aspect of the enterprise and AI is disrupting everything,” said Ori Bendet, VP of Product Management at Checkmarx. “This first integration from our partnership with Mobb not only speeds time-to-delivery of new applications, but helps build trust between AppSec leaders and developers, resulting in reduced risk and maximizing return on investment.”
“This new partnership empowers companies to take their DevSecOps program to the next level of automation and speed,” said Eitan Worcel, CEO at Mobb. “Running Checkmarx and Mobb in the pipeline completely changes the narrative of security tools from being the delaying factor to one that provides a productivity and efficiency boost, allowing companies to do more with less.”
Mobb reduces time-to-remediation by 99% on average. With this new integration, workflows are simplified and, when integrated within the SDLC, typically resemble the following:
- A developer commits code changes to the organization’s code hosting platform.
- A Checkmarx SAST scan is automatically initiated in the appropriate phase of the SDLC.
- Mobb analyzes the reported vulnerabilities and the developer’s source code for essential contextual information on how the error was created.
- Mobb then incorporates the additional context and proposes a fix, presenting it side-by-side with the vulnerable code.
- The developer approves and commits the fix.
- Checkmarx then scans to verify that the fix is effective.
Key features of the integration include the ability to scan with Checkmarx through Mobb CLI and the ability of users to retrieve their applications managed in Checkmarx One directly into Mobb without having to import or configure each of them individually.
To learn more about the Checkmarx and Mobb integration, visit this page.
About Mobb
Mobb is the trusted, automatic vulnerability fixer that secures applications using deterministic algorithms and advanced AI to rectify coding flaws. Remediations are based on security best practices and input from the developers who commit the fixes. This informed, automated approach significantly reduces security backlogs and frees developers to focus on innovation, while continuously enhancing coverage and accuracy with each fix. Learn more at mobb.ai, follow on LinkedIn and try Bugsy, the open-source fixer.
About Checkmarx
Checkmarx is the enterprise application security leader and the provider of Checkmarx One™, the cloud-native AppSec platform that builds #DevSecTrust. Powered by intelligence from our industry-leading AppSec security research team as well as our AI-driven technology and services, Checkmarx One enables enterprise CISOs, AppSec and development leaders to prioritize their teams’ focus on what impacts the business most. Our offerings secure every phase of development for every application while simultaneously balancing the dynamic needs of security and development teams. It’s no longer just about shifting left or right – it’s about shifting everywhere from code to cloud. Checkmarx serves more than 1,800 customers, including 60% of the Fortune 100. Checkmarx. Make Shift Happen.
Follow Checkmarx on LinkedIn, YouTube, and Twitter/X.
SOURCE Checkmarx