Scribd
Upload
50 views

CxSuite Data Sheet

Checkmarx Suite is a source code analysis tool that scans code for vulnerabilities without needing to compile code. It uses a virtual compiler and has hundreds of out-of-the-box security queries to detect vulnerabilities like SQL injection, XSS, and more.

Uploaded by

Alexandru Petcu
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
50 views

CxSuite Data Sheet

Checkmarx Suite is a source code analysis tool that scans code for vulnerabilities without needing to compile code. It uses a virtual compiler and has hundreds of out-of-the-box security queries to detect vulnerabilities like SQL injection, XSS, and more.

Uploaded by

Alexandru Petcu
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

CxSuite

Application Security Made Easy


®
SOURCE CODE ANALYSIS Manage the Risks
Detailed reports help you visualize and prioritize your
Checkmarx Suite® is the most powerful Source Code Analysis

CxSuite

categories, operating system (OS) platforms, programming


languages and frameworks. By integrating into the Software
Development Life Cycle (SDLC), Checkmarx’s automatic code
review suite allows organizations to address the challenge of
securing the code while cutting down on time and costs.

CHECKMARX PATENTED
CxSuite IS DESIGNED FOR
VIRTUAL COMPILER ACCURATE AND EFFECTIVE RESULTS:
Scan unbuilt code - without a compiler
• The widest range of vulnerability checks
The Virtual Compiler enables developers to test code
• Virtually zero false-positive results
anywhere, anytime, while avoiding problems of compiler • Hundreds of out-of-the-box security queries
and operating system compatibility. Developers can test •
uncompiled and unlinked code, their independent modules • Integration into the SDLC
or any other application subsets in a true developer desktop •
deployment that reinforces good security awareness and • Graphical representation of discovered vulnerabilities
practices as the code is written

IT’S ALL ABOUT


ACCURACY
THE NEXT GENERATION OF CODE
AUDITING
Only with Checkmarx can auditors test code at the earliest
Visualization of vulnerabilities is the key to quick
stages of the SDLC. Further, auditors can easily conduct spot
remediation of insecure code. The CxSuite presents all the
checks without worrying about duplicating development
path details that describe the vulnerability’s full anatomy.
environments. This is especially important for complex
A sophisticated patented engine locates and graphically
legacy applications where auditors can quickly inspect code
presents a full attack path in the code for quick review.
with no setup.
of vulnerable lines of code for remediation.
Supported coding languages:

Checkmarx Ltd. • +1.917.470.9501 • www.checkmarx.com • [email protected]


Application Security Made Easy

INDUSTRY VULNERABILITY CLASSIFICATION: Investigate the Scans


OWASP top 10, SANS 25, PCI, mitre CWE Quickly identify the exact place in the code to eliminate
each vulnerability.
OUT OF THE BOX VULNERABILITY QUERY SAMPLES:
• SQL Injection •
• Cross-site scripting • Session poisoning
• Code injection • Unhandled exceptions
• • Unreleased resources
• Parameter tampering • Unvalidated input
• Cross-site request forgery • URL redirection attack
• HTTP splitting •
• Log forgery • Hardcoded password
• DoS • And more…

CAPABILITIES DESCRIPTION AND ADVANTAGES COUNTLESS SCALABILITY FEATURES FOR


EFFECTIVE INTEGRATION INTO THE SDLC:
Extremely accurate Virtually zero false-positives provide an
• Virtually unlimited project size
• Supports all major development languages
Patened Virtual Compiler Scan unbuilt code—without a from multiple OS platforms.
compiler • Web services, websites and client-server based
applications support
A Each vulnerability attack path is fully
• Enforces coding practices and regulatory
presented for easy investigation requirements (PCI, HIPAA, SOX, and more...)
Next generation An intuitive query language is available • Hundreds of out of the box security checks and
query language for tailoring checks to customer needs compliance standards

Vulnerability coverage Hundreds of out of the box security


checks suited for every organization
Business logic
vulnerability review
Unmatched capability of investigating
ABOUT CHECKMARX
Coding practice Customization of queries allows Checkmarx is the leading provider for source code
enforcement analysis. Founded in 2006, Checkmarx provides
User hierarchy support Extensive user and privilege comprehensive solutions for automated security code
management capabilities review. Its technology is used by large corporations
and small and medium-sized organizations across all
Results reporting & export Full dashboard report for Projects, industries. Checkmarx pioneered the concept of a query
Tasks. Export to numerous formats: language-based solution for tracking technical and
xml, csv, etc. Integration with ticketing logical code vulnerabilities, and continues to bring new
systems
Multitier architecture Manager server, multiple scan engines hacker free world.
and click-once thin clients

Checkmarx Ltd. • +1.917.470.9501 • www.checkmarx.com • [email protected]

You might also like