According to recent research, over 90% of websites are susceptible to attack and hackers can easily exploit website vulnerabilities as has been evidenced in recent password breaches, bank intrusions and the like. From Cenzic's own research, the bulk of the hacker attacks happen at the application layer, so the need for comprehensive testing solutions to detect vulnerabilities at the application layer is obvious.
Cenzic and Checkmarx's strategic alliance provides companies with a single solution to proactively assess and correct security vulnerabilities in applications created for Web, Cloud and Mobile for small, medium and large enterprises. As with all technologies that Cenzic develops, customers will have a solution that delivers results that are more accurate than any competing solution with minimal false positives. Cenzic's solutions also provide best-in-class comprehensive reporting features. Additionally, by leveraging Cenzic's DAST technology, the solution helps companies automate the incredibly challenging task of conducting security assessments.
Most importantly, Cenzic and Checkmarx's engineers are collaborating to combine both companies' technologies to enable proactive security measures on the client and server side portions of mobile applications. The combined solution will uncover security vulnerabilities within the source code of mobile application and Cloud Web Service endpoints that store and serve data. This will be offered initially through Cenzic managed services mobile testing team and will be integrated into both Checkmarx and Cenzic product offerings starting in 2013. The combination of DAST and SAST testing for mobile applications will enable mobile application providers to proactively secure their mobile applications.
"Applications that exploit the nexus of Cloud, Social Media and Mobile application environments create new business opportunities, but also create challenges for organizations to stay ahead of constantly evolving advanced mobile threats. To address this, comprehensive security testing of mobile applications using both dynamic (DAST) and static (SAST) techniques is required," said Neil MacDonald, vice president and Gartner fellow. "Further, all organizations with sensitive information being handled by applications—mobile or not—need to proactively assess the security of these applications using a combination of dynamic and static techniques."
"Combining our SAST solution with Cenzic's DAST offering will provide both of our customer bases with the best available option for uncovering and correcting security flaws in a wide range of applications—from the Web, to the Cloud to Mobile," said Emmanuel Benzaquen, CEO of Checkmarx. "We are leveraging the strengths of both companies, who are the best-of-breed in SAST and DAST, to bring a truly game-changing solution to market that helps eliminate security risks for our collective customers."
"Every day we read about another vulnerability exploited online to steal data, valuable IP, user passwords or credit card information. Companies are realizing the mandate to continually assess and defend against this constant, rapid onslaught in order to protect their data, brand and customers," said Bala Venkat, CMO of Cenzic. "Combining forces with Checkmarx, our customers will now have a seamless mechanism to proactively identify and assess application vulnerabilities across the entire software development lifecycle."
About Cenzic Cenzic provides the leading application security intelligence platform to continuously assess Cloud, Mobile and Web applications to reduce online security risk. Cenzic's solutions scale from single applications to enterprise-level deployments with hybrid approaches that enable testing of applications at optimal levels. Cenzic helps brands of all sizes protect their reputation and manage security risk in the face of malicious attacks. Cenzic's solutions are used in all parts of the software development lifecycle, and most importantly in production, to protect against new threats even after the application has been deployed. Cenzic's application security intelligence platform is architected to handle web, cloud and mobile applications and is the first to provide risk reduction recommendations for business, application developers and specific applications. Today, Cenzic secures more than half a million online applications and trillions of dollars of commerce for Fortune 1000 companies, all major security companies, government agencies, universities and SMBs.
About Checkmarx Ltd. Checkmarx's vision is to commoditized Static Application Security Testing (SAST) throughout the Software Development Lifecycle (SDLC) by promoting the use of cloud computing. Founded by experts in the fields of software and application security, Checkmarx has introduced a number of patented and patent-pending technologies which are revolutionizing the application security field.