Checkmarx provides automated security scans within GitHub repositories

Checkmarx announced a new GitHub Action to bring comprehensive, automated static and open source security testing to developers.


As enterprises look to differentiate themselves through digital innovation, recent research found that nearly two-thirds of them will be prolific software producers, with code deployed daily, by 2025.

However, this increased emphasis on speed and volume comes at a price, as vulnerable software and applications are now the leading cause of security breaches.

With development cycles accelerating and software becoming more complex due to the evolution of APIs, microservices, containers, and more, automated solutions that are purpose-built for DevOps and enable developers to find and fix flaws more quickly and easily are required.

Checkmarx’s new GitHub Action integrates the company’s application security testing (AST) solutions – Checkmarx SAST (CxSAST) and Checkmarx SCA (CxSCA) – directly with GitHub code scanning, giving developers more flexibility and power to work with their preferred tools of choice to secure proprietary and open source code.

By automatically triggering SAST and SCA security scans in the event of a pull request, and embedding results directly into the GitHub CI/CD pipeline, Checkmarx streamlines developer workflows and empowers them to code more confidently without sacrificing speed and security.
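The workflow shape the release describes, a scan triggered by a pull request whose findings land in GitHub code scanning, is easiest to see as a GitHub Actions workflow file. The following is an added illustration, not Checkmarx's published action or workflow: the action reference `checkmarx/PLACEHOLDER-scan-action@v1` is a placeholder, and its input names (`server_url`, `client_id`, `client_secret`, `sarif_file`) and the assumption that it writes a SARIF file are mine. The checkout and `upload-sarif` steps are GitHub's own actions.

```yaml
# Added illustration, not Checkmarx's published workflow.
# "checkmarx/PLACEHOLDER-scan-action@v1" stands in for the real action reference;
# its input names and the SARIF output path are assumptions.
name: Checkmarx PR scan

on:
  pull_request:
    branches: [main]

# Least privilege for the job token: read the code, write only code-scanning results.
permissions:
  contents: read
  security-events: write

jobs:
  sast-and-sca:
    runs-on: ubuntu-latest
    steps:
      - name: Check out the pull request source
        uses: actions/checkout@v4

      # Placeholder step for the Checkmarx SAST/SCA scan. Credentials are read
      # from repository secrets so they never appear in the workflow file.
      - name: Run Checkmarx SAST and SCA
        uses: checkmarx/PLACEHOLDER-scan-action@v1   # placeholder, not a real reference
        with:
          server_url: ${{ secrets.CX_SERVER_URL }}       # assumed input name
          client_id: ${{ secrets.CX_CLIENT_ID }}         # assumed input name
          client_secret: ${{ secrets.CX_CLIENT_SECRET }} # assumed input name
          sarif_file: cx-results.sarif                   # assumed: scanner writes SARIF here

      # Publishing the SARIF file is what surfaces findings as code-scanning
      # alerts on the pull request and under the repository's Security tab.
      # `if: always()` keeps the upload running even when the scan step fails
      # the job because it found policy-breaking vulnerabilities.
      - name: Upload results to GitHub code scanning
        if: always()
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: cx-results.sarif
```

Two points worth checking before relying on a workflow like this: the `security-events: write` permission is required for the SARIF upload to succeed, and GitHub does not expose repository secrets to `pull_request` runs triggered from forks, so scans of external contributions need a separate design (for example a maintainer-approved run) rather than silently scanning with empty credentials.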

“Checkmarx and GitHub share a similar mission in that we’re both focused on helping developers strike a balance between software development speed and security,” said Robert Nilsson, VP of Product Management, Checkmarx.

“The key to this lies within the power of automation, which helps to simplify the implementation and process of security testing in today’s fast-paced DevOps environments. We’re excited to bring our best-in-class, automated SAST and SCA solutions to the GitHub community and are confident this will enhance developers’ experience and ability in finding and fixing code-borne vulnerabilities.”

Key features and benefits include:

  • Ability to scan raw source code before a build takes place, enabling greater efficiency between developers and AppSec teams when using GitHub Actions
  • Prioritized SAST and SCA scan results to focus and expedite developer remediation efforts on vulnerabilities that pose the greatest threat
  • Automated results feedback loop to eliminate the need for manual intervention when opening and closing defects
  • Direct links into the Checkmarx Software Security Platform and access to its dedicated service and support resources for even more comprehensive results and coverage and
  • Links to just-in-time, lesson-specific training via Checkmarx Codebashing and online resources for remediation guidance to elevate developers’ secure coding skills.

“GitHub is dedicated to providing open source and enterprise developers with the best possible software development experience,” said John Leon, VP of Business Development, GitHub. “Checkmarx’s new GitHub Action further enables the community to develop secure software, without compromising speed or quality, all within the native GitHub experience.”
