Checkmarx One Breaks the AppSec Barrier by Delivering ASPM Directly to Developers

New plugins for the most popular integrated development environments deliver a seamless, scalable experience

Checkmarx, the industry leader in cloud-native application security for the enterprise, today announced the availability of the industry’s most robust application security posture management (ASPM) solution within the most widely used integrated development environments (IDEs). The cloud-based Checkmarx One application security platform dramatically improves developer experience of AppSec-related tasks and provides helpful tools for prioritization and remediation of vulnerabilities without disruption, thereby enabling optimal developer workflows to scale to meet the needs of the business.

With recent research showing that 72% of developers at large enterprises spend more than 17 hours each week on security-related tasks, the challenge of simplifying developer experience of AppSec is critical. In direct response to this challenge, Checkmarx One now delivers ASPM directly to the IDE, empowering developers to accelerate vulnerability prioritization, speed up remediation and better protect the business — all while saving valuable time.

IDC’s Katie Norton, Research Manager for DevSecOps and Software Supply Chain, noted, “Bringing ASPM context directly into the IDE reflects a forward-looking approach to prioritizing security efforts based on risk earlier in the development process. By surfacing relevant insights in context and reducing reliance on downstream ticketing systems, Checkmarx can help developers take timely action on high-priority findings and improve collaboration between security and engineering teams.”

In addition to delivering the ASPM view within the IDE, Checkmarx is announcing powerful new capabilities in Checkmarx One that streamline the process of AppSec for developers, including:

• Pre-commit Secrets Scanning in the IDE, powered by the Checkmarx One detection engine, helps developers eliminate redundant fixes, reduce engineering effort and proactively safeguard the business.
• JFrog Artifactory Integration enables customers to safeguard proprietary code and ensure compliance in private registries while empowering developers to deliver secure code faster.
• Head of Engineering Dashboard allows engineering leaders to gain a single, data-driven view to enforce AppSec best practices and drive engineering efficiency across teams.

"Developer experience is no longer a nice to-have but a must-have for every AppSec program. Scaling application security across the enterprise is hard and the key to success are the development teams,” remarked Ori Bendet, VP of Product at Checkmarx. “Checkmarx One offers everything security and development teams need to be successful. Now we’re taking it one step further and bringing the ASPM view for developers right to where they work.”

Checkmarx One provides complete coverage across any cloud-native application during the development phase. It enables both speed and security to improve the experience of software developers while addressing the rising threats of software supply chain attacks, API exploits and malicious code.

For more information on Checkmarx One, visit this page. To learn more about the developer-centric ASPM capabilities in Checkmarx One, visit Checkmarx in booth #942 at the RSA™ 2025 Conference.

About Checkmarx

Checkmarx helps the world’s largest enterprises get ahead of application risk without slowing down development. More applications, faster pipelines and growing threats are all contributing to skyrocketing risk. Checkmarx helps end the guesswork in identifying the most critical issues to fix. Giving AppSec the tools they need while letting developers work the way they want, from DevOps pipelines to developer experience, Checkmarx helps security and development teams work better together – all on a unified application security platform. That’s why so many enterprises rely on Checkmarx to scan over one trillion lines of code each year, see 2X ROI, and improve developer productivity on security tasks by 50%. Checkmarx. Always Ready to Run.

Follow Checkmarx on LinkedIn, YouTube and X.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250424687393/en/

The cloud-based Checkmarx One platform dramatically improves developer experience of AppSec tasks, providing helpful tools for prioritization and remediation of vulnerabilities without disruption to developer workflows