PARAMUS, N.J.--(BUSINESS WIRE)--Nov 20, 2024--
With the vast majority of development teams using open source software and employing agile development, Checkmarx, the industry leader in cloud-native application security for the enterprise, has announced a new generation in software supply chain security with its Secrets Detection and Repository Health solutions to minimize application risk.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20241120723914/en/
Checkmarx software supply chain solutions are offered within the consolidated Checkmarx One enterprise application security platform. These new solutions, Repository Health and Secrets Detection , expand Checkmarx’ software supply chain security offering, joining Software Composition Analysis (SCA), Malicious Package Protection, AI Security and Container Security. Together, they secure every critical aspect of the enterprise software supply chain, equipping development and security teams to identify and mitigate risk at each stage of their software development lifecycle.
“The software supply chain is increasingly targeted by threat actors looking for new ways to breach the enterprise,” said Kobi Tzruya, Chief Product Officer at Checkmarx. “It’s complex and interdependent by nature, with a huge variety of elements and potential entry points to secure. Checkmarx is expanding the capabilities of Checkmarx One to help organizations maximize supply chain security, reduce risk, and fully secure their application development on a single platform.”
Secrets Detection
Secrets are a natural byproduct of application development. Developers often “hard code” credentials to simplify iteration during coding and testing but may forget to remove them before moving the application into production. As the enterprise increasingly moves to the world of agile development, microservices and cloud, the problem and its associated risk will only increase due to the ever-expanding number of services that will need to be collaborated on during the development phase.
Checkmarx Secrets Detection reduces risk by quickly identifying sensitive credentials that may be exposed, enabling development and security teams to quickly remove discovered secrets. Part of the Checkmarx One platform, Secrets Detection accurately identifies more than 170 different types of secrets, including API keys, certificates, exposed credential, encryption keys, tokens, private URLs and other sensitive data.
Repository Health
Checkmarx’ Repository Health helps teams maximize the security posture of their software supply chain by continuously tracking health scores for all software repositories across the application footprint. Scoring is based on more than a dozen key factors in areas such as code quality, dependency management, continuous integration/continuous delivery (CI/CD) best practices and project maintenance.
Checkmarx One introduces 13 new automated checks covering critical areas such as binary artifacts, code reviews, continuous integration packaging and best practices, enabling developers and security leaders to maintain robust repository health. These checks range from searching for binary artifacts within the code to ensuring that best practices of secure development are being followed, such as checking for the completion of code reviews or fuzzing, along with automatic continuous integration checks.
For more information about Checkmarx Secrets Detection and Repository Health, visit this page.
About Checkmarx
Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services balance the dynamic needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders. We are honored to serve more than 1,800 customers, including 40 percent of all Fortune 100 companies.
Follow Checkmarx on LinkedIn, YouTube and X.
Repository Health offers real-time visibility into the security and maintenance status of code repositories, helping teams proactively address issues and maintain secure development practices. (Graphic: Business Wire)
Secrets Detection reduces the risk of unauthorized access by identifying sensitive credentials unintentionally exposed in code. (Graphic: Business Wire)
KYIV, Ukraine (AP) — The Biden administration will allow Ukraine to use American-supplied antipersonnel land mines to help it slow Russia’s battlefield progress in the war, the U.S. defense secretary said Wednesday, in Washington's second major policy shift in a week after its decision to let Ukraine strike targets on Russian soil with longer-range U.S.-made missiles.
The war, which reached its 1,000-day milestone on Tuesday, has largely been going Russia's way in recent months. Russia’s bigger army is slowly pushing Ukraine’s outnumbered army backward in the eastern Donetsk region, while Ukrainian civilians have repeatedly been clobbered by Russian drones and missiles often fired from inside Russia.
The U.S. and some other Western embassies in Kyiv stayed closed Wednesday after a threat of a major Russian aerial attack on the Ukrainian capital.
U.S. Defense Secretary Lloyd Austin said the change in Washington's policy on antipersonnel land mines for Ukraine follows changing tactics by the Russians.
Russian ground troops are leading the movement on the battlefield, rather than forces more protected in armored carriers, so Ukraine has “a need for things that can help slow down that effort on the part of the Russians,” Austin said during a trip to Laos.
Antipersonnel land mines have long been criticized by charities and activists because they present a lingering threat to civilians. Austin countered that argument.
“The land mines that we would look to provide them would be land mines that are not persistent, you know, we can control when they would self-activate, self-detonate and that makes it far more safer eventually than the things that they are creating on their own,” Austin said.
Russia has already been using land mines in Ukraine.
Nonpersistent land mines generally require batteries, so overtime they become unable to detonate, making them safer for innocent civilians than those that remain deadly for years.
Austin noted that Ukraine is currently manufacturing its own antipersonnel land mines.
The U.S. already provides Ukraine with antitank land mines. Russia has routinely used land mines in the war, but those do not become inert overtime.
The war has taken on a growing international dimension with the arrival of North Korean troops to help Russia on the battlefield — a development which U.S. officials said prompted Biden’s policy shift on longer-range missiles and which angered the Kremlin.
Russian President Vladimir Putin subsequently lowered the threshold for using his nuclear arsenal, with the new doctrine announced Tuesday permitting a potential nuclear response by Moscow even to a conventional attack on Russia by any nation that is supported by a nuclear power.
That could potentially include Ukrainian attacks backed by the U.S..
Austin’s announcement Wednesday was likely to further vex Russia.
The American diplomatic mission in Kyiv said it had received a warning of a potentially significant Russian air attack on the capital and was staying shut for the day. It anticipated a quick return to regular operations.
The Spanish, Italian and Greek embassies also shut to the public for the day, but the U.K. government and France said that their embassies remained open.
Western leaders dismissed the Russian reaction to the U.S. missile decision as an attempt to deter Ukraine’s allies from providing further support to Kyiv, but the escalating tension weighed on stock markets after Ukraine used American-made ATACMS longer-range missiles for the first time to strike a target inside Russia.
Western and Ukrainian officials say Russia been stockpiling powerful long-range missiles, possibly in an upcoming effort to crush the Ukrainian power grid as winter settles in.
Military analysts say the U.S. decision on the range over which American-made missiles can be used isn't expected to be a game-changer in the war, but it could help weaken the Russian war effort, according to the Institute for the Study of War, a Washington think tank.
“Ukrainian long-range strikes against military objects within Russia’s rear are crucial for degrading Russian military capabilities throughout the theater," it said.
Meanwhile, North Korea recently supplied additional artillery systems to Russia, according to South Korea. It said that North Korean soldiers were assigned to Russia’s marine and airborne forces units and some of them have already begun fighting alongside the Russians on the front lines.
Ukraine struck a factory in Russia’s Belgorod region that makes cargo drones for the armed forces in an overnight attack, according to Andrii Kovalenko, the head of the counterdisinformation branch of Ukraine’s Security Council.
He also claimed Ukraine hit an arsenal in Russia’s Novgorod region, near the town of Kotovo, located about 680 kilometers (420 miles) behind the Ukrainian border. The arsenal stored artillery ammunition and various types of missiles, he said.
It wasn't possible to independently verify the claims.
Lolita C. Baldor and Tara Copp contributed from Washington.
Follow the AP’s coverage of the war at https://apnews.com/hub/russia-ukraine
U.S. Defense Secretary Lloyd Austin delivers a speech during a groundbreaking ceremony for the Combined Coordination Center at Camp Aguinaldo military headquarters in Quezon City, Philippines Monday, Nov. 18, 2024. (AP Photo/Aaron Favila)
Ukraine's President Volodymyr Zelenskyy, second left, awards honor medals to soldiers during his joint visit with Denmark's Prime Minister Mette Frederiksen, second right, to a military hospital in Kyiv, Ukraine, Tuesday, Nov. 19, 2024. (Mads Claus Rasmussen/Ritzau Scanpix via AP)
In this photo provided by the Ukraine's 65th Mechanised Brigade press service on Nov. 19, 2024, Ukrainian soldiers attend a training at a polygon in Zaporizhzhia region, Ukraine. (Andriy Andriyenko/Ukraine's 65th Mechanised Brigade via AP)
