SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Application Security
#
AI
#
Risk & Compliance

Checkmarx integration with Mobb to reduce vulnerability remediation time

Wed, 8th Nov 2023
Author image
By Shannon Williams, Journalist

Checkmarx, an industry leader in cloud-native application security for enterprise, has announced an integration with Mobb, the trusted automated vulnerability fixer.

According to the companies, this collaboration aims to streamline the application security testing and remediation process within developer workflows. The integration is expected to significantly reduce the time-to-remediation from approximately five hours to a mere five minutes.

Checkmarx's leading Static Application Security Testing (SAST) solution, renowned for its accuracy, minimises the 'noise' in the developer workflow, thereby optimising the testing process. "Developers can trust that alerts are genuinely exploitable problems and be guided to fix the most critical vulnerabilities first," the company says.

On the other hand, Mobb's AI engine utilises heuristics to perform auto-remediation of vulnerabilities identified by Checkmarx with just a few clicks. With this, developers are released from the need to review scan reports in search of fixes and fix locations, enabling them to focus on innovation.

According to Ori Bendet, VP of Product Management at Checkmarx, "Mobb and Checkmarx share a vision of the vital nature of application security at a time when code drives every aspect of the enterprise and AI is disrupting everything". He further added that this first integration from their partnership with Mobb not only accelerates the time-to-delivery of new applications, but also helps build trust between Application Security (AppSec) leaders and developers, thereby reducing risk and maximizing return on investment.

The chief executive officer at Mobb, Eitan Worcel, also shared his thoughts on the newly formed partnership. He noted that, "Running Checkmarx and Mobb in the pipeline completely changes the narrative of security tools from being the delaying factor to one that provides a productivity and efficiency boost, allowing companies to do more with less."

The integration facilitates a seamless and streamlined developer workflow which typically proceeds as follows: a developer commits code changes to the organisation’s code hosting platform, a Checkmarx SAST scan is automatically initiated, Mobb analyses the reported vulnerabilities and the developer’s source code, proposes a fix, presents it side-by-side with the vulnerable code. The developer then approves and commits the fix, and finally, Checkmarx verifies the effectiveness of the fix through a scan.

Key features of the new integration include the capacity to scan with Checkmarx through Mobb Command Line Interface (CLI), and the ability for users to retrieve their applications managed in Checkmarx One directly into Mobb without having to import or configure each of them individually.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Appdome enhances geo-fraud detection with new security features
Exabeam, LogRhythm merge to form AI-driven security giant
Radware launches DNSaaS & NoKey to boost cloud services
Developer trust in AI tools declines despite increased usage
NormCyber launches Data Protection Risk Assessment service
Top stories
CrowdStrike's major IT outage prompts call for infrastructure investment
Unlocking the ingenuity of the crowd: Winning the war on cybercrime
Cybersecurity fears rise ahead of 2024 Paris Olympics
BlackBerry reveals new cyber-espionage campaign by SideWinder
Veeam & Splunk enhance backup security with new integration