CxSuite
Application Security Made Easy
SOURCE CODE ANALYSIS
Checkmarx Suite® is the most powerful Source Code Analysis
CxSuite
categories, operating system (OS) platforms, programming
languages and frameworks. By integrating into the Software
Development Life Cycle (SDLC), Checkmarx’s automatic code
review suite allows organizations to address the challenge of
securing the code while cutting down on time and costs.
Manage the Risks
Detailed reports help you visualize and prioritize your
CHECKMARX PATENTED VIRTUAL COMPILER
Scan unbuilt code - without a compiler
The Virtual Compiler enables developers to test code
anywhere, anytime, while avoiding problems of compiler
and operating system compatibility. Developers can test
uncompiled and unlinked code, their independent modules
or any other application subsets in a true developer desktop
deployment that reinforces good security awareness and
practices as the code is written.
CxSuite IS DESIGNED FOR ACCURATE AND EFFECTIVE RESULTS:
• The widest range of vulnerability checks
• Virtually zero false-positive results
• Hundreds of out-of-the-box security queries
• Integration into the SDLC
• Graphical representation of discovered vulnerabilities
THE NEXT GENERATION OF CODE AUDITING
Only with Checkmarx can auditors test code at the earliest
stages of the SDLC. Further, auditors can easily conduct spot
checks without worrying about duplicating development
environments. This is especially important for complex
legacy applications where auditors can quickly inspect code
with no setup.
IT’S ALL ABOUT ACCURACY
Visualization of vulnerabilities is the key to quick
remediation of insecure code. The CxSuite presents all the
path details that describe the vulnerability’s full anatomy.
A sophisticated patented engine locates and graphically
presents a full attack path in the code for quick review.
of vulnerable lines of code for remediation.
Supported coding languages:
Checkmarx Ltd. • +1.917.470.9501 • [Link] • info@[Link]
INDUSTRY VULNERABILITY CLASSIFICATION:
OWASP Top 10, SANS 25, PCI, MITRE CWE
Investigate the Scans
Quickly identify the exact place in the code to eliminate
each vulnerability.
OUT OF THE BOX VULNERABILITY QUERY SAMPLES:
• SQL Injection
• Cross-site scripting
• Code injection
• Parameter tampering
• Cross-site request forgery
• HTTP splitting
• Log forgery
• DoS
• Session poisoning
• Unhandled exceptions
• Unreleased resources
• Unvalidated input
• URL redirection attack
• Hardcoded password
• And more…
CAPABILITIES                          DESCRIPTION AND ADVANTAGES
Extremely accurate                    Virtually zero false-positives provide an
Patented Virtual Compiler             Scan unbuilt code—without a compiler
A                                     Each vulnerability attack path is fully presented for easy investigation
Next generation query language        An intuitive query language is available for tailoring checks to customer needs
Vulnerability coverage                Hundreds of out of the box security checks suited for every organization
Business logic vulnerability review   Unmatched capability of investigating
Coding practice enforcement           Customization of queries allows
User hierarchy support                Extensive user and privilege management capabilities
Results reporting & export            Full dashboard report for Projects, Tasks. Export to numerous formats:
                                      xml, csv, etc. Integration with ticketing systems
Multitier architecture                Manager server, multiple scan engines and click-once thin clients
COUNTLESS SCALABILITY FEATURES FOR EFFECTIVE INTEGRATION INTO THE SDLC:
• Virtually unlimited project size
• Supports all major development languages
from multiple OS platforms.
• Web services, websites and client-server based applications support
• Enforces coding practices and regulatory requirements (PCI, HIPAA, SOX, and more...)
• Hundreds of out of the box security checks and compliance standards
ABOUT CHECKMARX
Checkmarx is the leading provider for source code
analysis. Founded in 2006, Checkmarx provides
comprehensive solutions for automated security code
review. Its technology is used by large corporations
and small and medium-sized organizations across all
industries. Checkmarx pioneered the concept of a query
language-based solution for tracking technical and
logical code vulnerabilities, and continues to bring new
hacker free world.