Checkmarx is a leader in Application Security testing solutions. Customers include 4 of the world's top 10 software vendors and many Fortune 500 and government organizations, including Samsung,, Coca Cola and the US Army.

Checkmarx CxSAST is a highly accurate and flexible Source Code Analysis product that allows organizations to automatically scan un-compiled / un-built code and identify hundreds of security vulnerabilities in the most prevalent coding languages.

CxSAST is available as a standalone product and can be effectively integrated into the Software Development Lifecycle (SDLC) to streamline detection and remediation. CxSAST can be deployed on-premise in a private data center or hosted via a public cloud.


For enterprise companies who want to minimize application security risk, CxSAST provides the ability to eliminate vulnerabilities early in the SDLC. Unlike other SAST solutions, CxSAST is widely adopted by development teams because it seamlessly fits in with their existing software development lifecycle.

Our award-winning CxSAST solution:

  • Identifies and tracks application layer security vulnerabilities
  • Integrates seamlessly into the Software Development Life Cycle (SDLC), enabling early detection and mitigation of security bugs
  • Scans uncompiled code in all major programming languages
  • Offers a ‘Best Fix Location’ where and even how to best fix the vulnerability with just one click

CxSAST Mobile
Checkmarx's CxSAST for Mobile is adapted to the ever-growing landscape of mobile applications, both native and hybrid. CxSAST for Mobile is built to help mitigate the security issues unique to the world of mobile  mobile landscape.
Our CxSAST for Mobile:

  • Supports all major coding languages for Android, iOS and Windows including Adobe's popular Phonegap framework
  • Is able to scan new Operating Systems immediately after release due to Checkmarx's unique ability to scan uncompiled code
  • Detects unique-to-mobile vulnerabilities involving application permissions, data input vectors, sensitive data storage, supporting multiple operating systems and providing frequent version releases, cross application communication and cross platform functionality


Checkmarx CxRASP, which stands for ‘Runtime Application Self-Protection’, identifies and blocks application layer attacks with unmatched accuracy. It is the first ever solution to tailor the protection mechanism to the specific flow within your application. The protection mechanism will stay silent as long as your application is not being exploited, making false alarms a thing of the past.

Our CxRASP solution:

  • is built with advanced monitoring capabilities tailored to your applications specific flow
  • offers full integration with SAST solutions, including Checkmarx´s CxSAST solution
  • first verifies a possible security incident before alerting the organization and offering remediation advice

For more information visit  or download CxSAST Data Sheet.

More vendors