Business Software for Checkmarx
View:
Compare business software, products, and services to find the best solution for your business or organization. Use the filters on the left to drill down by category, pricing, features, organization size, organization type, region, user reviews, integrations, and more. View and sort the products and solutions that match your needs in the results below.
-
1
Cortex
Cortex
Cortex is the AI-powered Internal Developer Portal that helps engineering leaders build organizations that ship reliable, secure, and efficient software, faster. It uses AI to make sense of your engineering data, figure out the next unlock for your team, and solve it, all in one place. Trusted by high-performing engineering organizations, Cortex integrates seamlessly with existing tools to provide a centralized, actionable view of service health and ownership. • Within minutes, determine who owns each service with Cortex’s AI service ownership model across thousands of repositories. • Standardize golden paths using Workflows, enabling teams to scaffold new services & provision infrastructure in minutes. • Consistently uphold best practices and standards across your organization with automated Scorecards and targeted Initiatives. • Make informed, impactful actions based on real-time insights. -
2
ZeroPath
ZeroPath
ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with advanced program analysis to find and automatically fix vulnerabilities. ZeroPath provides complete security coverage: 1. AI-powered SAST for business logic flaws & broken authentication 2. SCA with reachability analysis 3. Secrets detection and validation 4. Infrastructure as Code 5. Automated patch generation. any more... ZeroPath delivers 2x more real vulnerabilities with 75% fewer false positives. Our research team has been successful in finding vulns like critical account takeover in better-auth (CVE-2025-61928, 300k+ weekly downloads), identifying 170+ verified bugs in curl, and discovering 0-days in production systems at Netflix, Hulu, and Salesforce. Trusted by 750+ companies and performing 200k+ code scans monthly.Starting Price: Free -
3
Android
Google
This summer, we’re expanding the ways we keep you safe and finding new ways to keep you connected. Here are the latest features available on your Android device. New delightful and helpful experiences across all of the devices that are connected to your Android phone. Your one-stop home for all your favorite entertainment. From movies and TV shows to games and books. Android 11 is optimized for how you use your phone. Helping you manage conversations. And organize your day. With tools designed to help you do more. Meet people using Android to change what's possible in daily life. Watch and read stories about creative, driven people discovering how to make their world more colorful and connected. With Android by their side. Choices for work, gaming, 5G streaming and anything else. There’s over 24,000 phones and tablets that run on Android. So no matter what you’re looking for, there’s something for you. Your security and privacy are at the heart of what we do. -
4
Visual Studio Code
Microsoft
Visual Studio Code (VS Code) is Microsoft’s open-source AI code editor designed to make coding faster, smarter, and more collaborative. It supports thousands of extensions and nearly every programming language, offering developers a lightweight yet powerful environment for writing, testing, and debugging code. With AI-powered features like GitHub Copilot, Next Edit Suggestions, and Agent Mode, VS Code helps you code with precision, automate complex tasks, and streamline development workflows. It integrates seamlessly with cloud services, remote repositories, and tools like Git, Docker, and Azure. The editor is fully customizable, allowing you to personalize your layout, color themes, and keyboard shortcuts. Whether coding locally or in the browser, VS Code delivers a complete development experience for individuals and teams alike.Starting Price: Free -
5
Eclipse IDE
Eclipse Foundation
Eclipse IDE The Leading Open Platform for Professional Developers used in computer programming. Better Than Ever. The Eclipse IDE delivers what you need to rapidly innovate. Easier IDE configuration The Eclipse IDE Installer 2020-09 and several packages now include a Java Runtime Environment (JRE). Improved theming and styling. Improved Windows dark theme and GTK light theme. Moving to bleeding edge. Eclipse IDE now needs Java 11 as a minimum version to run on, but you can compile any version as usual. New experimental features. Support for aarch64. Linux support landed this version. Node.js is now embedded For all our LSP-based toolings, Node.js is now embedded to make things work out of the box Free and open source Free and open source; released under the terms of the Eclipse Public License 2.0. Powered by Participation. A vast ecosystem of plugins from an active community -
6
Visual Studio
Microsoft
Microsoft Visual Studio is the industry-leading integrated development environment (IDE) for building modern applications across desktop, mobile, cloud, and web. It empowers developers to write, refactor, debug, test, and deploy software faster with intelligent assistance powered by GitHub Copilot and AI-driven workflows. With Agent Mode, developers can automate repetitive coding tasks, optimize performance, and receive contextual help directly in the IDE. The suite includes Visual Studio 2022, the comprehensive IDE for .NET and C++ development on Windows, and Visual Studio Code, the lightweight, cross-platform editor supporting JavaScript, Python, and dozens of other languages. Visual Studio integrates seamlessly with Azure, GitHub, and CI/CD pipelines, enabling teams to collaborate and ship code efficiently. Trusted by millions worldwide, Visual Studio provides the tools and intelligence developers need to build reliable, scalable, and secure applications from concept to release.Starting Price: $45/user/month -
7
Nucleus
Nucleus
Nucleus is redefining the vulnerability management software category as the single source of record for all assets, vulnerabilities, and associated data. We unlock the value you’re not getting from existing tools and place you squarely on the path to program maturity by unifying the people, processes, and technology involved in vulnerability management. With Nucleus, you receive unmatched visibility into your program and a suite of tools with functionality that simply can’t be replicated in any other way. Nucleus is the single shift-left tool that unifies development and security operations. It unlocks the value you’re not getting out of your existing tools and puts you on the path to unifying the people, processes, and technology involved in addressing vulnerabilities and code weaknesses. With Nucleus, you’ll get unmatched pipeline integration, tracking, triage, automation and reporting capabilities and a suite of tools with functionality.Starting Price: $10 per user per year -
8
Java
Oracle
The Java™ Programming Language is a general-purpose, concurrent, strongly typed, class-based object-oriented language. It is normally compiled to the bytecode instruction set and binary format defined in the Java Virtual Machine Specification. In the Java programming language, all source code is first written in plain text files ending with the .java extension. Those source files are then compiled into .class files by the javac compiler. A .class file does not contain code that is native to your processor; it instead contains bytecodes — the machine language of the Java Virtual Machine1 (Java VM). The java launcher tool then runs your application with an instance of the Java Virtual Machine.Starting Price: Free -
9
Python
Python
The core of extensible programming is defining functions. Python allows mandatory and optional arguments, keyword arguments, and even arbitrary argument lists. Whether you're new to programming or an experienced developer, it's easy to learn and use Python. Python can be easy to pick up whether you're a first-time programmer or you're experienced with other languages. The following pages are a useful first step to get on your way to writing programs with Python! The community hosts conferences and meetups to collaborate on code, and much more. Python's documentation will help you along the way, and the mailing lists will keep you in touch. The Python Package Index (PyPI) hosts thousands of third-party modules for Python. Both Python's standard library and the community-contributed modules allow for endless possibilities.Starting Price: Free -
10
Opsera
Opsera
You choose your tools, we take care of the rest. Put together the perfect CI/CD stack that fits your organization’s goals with zero vendor lock-in. Eliminate manual scripts and stop building toolchain automation. Free your engineers to focus on your core business. Pipeline workflows follow a declarative model so you focus on what is required — not how it’s accomplished — including: software builds, security scans, unit testing, and deployments. With Blueprints, diagnose any failures from within Opsera using a console output of every step of your pipeline execution. Comprehensive software delivery analytics across your CI/CD process in a unified view — including Lead Time, Change Failure Rate, Deployment Frequency, and Time to Restore. Contextualized logs for faster resolution and improved auditing and compliance.Starting Price: $3.60 per user , Min 300 devs -
11
Axonius
Axonius
Axonius gives customers the confidence to control complexity by providing a system of record for all digital infrastructure. With a comprehensive understanding of all assets including devices, identities, software, SaaS applications, vulnerabilities, security controls, and the context between all assets, customers are able to mitigate threats, navigate risk, decrease incident response time, automate action, and inform business-level strategy — all while eliminating manual, repetitive tasks. Recognized as creators of the Cyber Asset Attack Surface Management (CAASM) category and innovators in SaaS Management Platform (SMP) and SaaS Security Posture Management (SSPM), Axonius is deployed in minutes and integrates with hundreds of data sources to provide a comprehensive asset inventory, uncover gaps, and automatically enforce policies and automate action. -
12
JupiterOne
JupiterOne
JupiterOne is a cyber asset analysis platform every modern security team needs to collect and transform asset data into actionable insights to secure their attack surface. JupiterOne was created to make security as simple as asking a question and getting the right answer back, with context, to make the right decision. With JupiterOne, organizations are able to see all asset data in a single place, improve confidence in choosing their priorities and optimize the deployment of their existing security infrastructure.Starting Price: $2000 per month -
13
Vulcan Cyber
Vulcan Cyber
At Vulcan Cyber we’re changing the way businesses reduce cyber risk through vulnerability remediation orchestration. We help IT security teams go beyond remedial vulnerability management to help them drive vulnerability remediation outcomes. The Vulcan platform consolidates vulnerability and asset data, with threat intelligence and customizable risk parameters to deliver risk-based vulnerability prioritization insights. But we don't stop there. Vulcan remediation intelligence takes the vulnerabilities that matter to your business and attaches the remedies and fixes needed to mitigate the threat. Then Vulcan orchestrates and measures the rest of the remediation process with integrations and inputs into application security, DevSecOps, patch management, configuration management, and cloud security tools, teams and functions. From scan to fix, Vulcan Cyber delivers the unique ability to orchestrate the entire vulnerability remediation process to GET FIX DONE at scale.Starting Price: $999 / month -
14
Logilica
Logilica
Logilica is the software engineering intelligence platform for fast moving software development teams. Fusing DevOps and Git analytics Logilica enables software leaders with distributed teams to deliver faster, more predictably. One-click connectors and APIs to your existing platform tools to ingest engineering data without moving a finger or filling in a spreadsheet. Prebuilt reports and analytics for humans. Track and optimize your investment effort, risks, and delivery speed. Effortlessly, automatically. Benefit from our open ELT data pipeline to ingest your own data, define your own metrics and dashboards, and create custom insights in minutes. See predicted delays, where to unblock processes, and how to improve delivery flow.Starting Price: $33/user/month -
15
InsightCloudSec
Rapid7
You transform your business, we’ll keep your cloud services secure. InsightCloudSec enables you to drive innovation through continuous security and compliance. Achieve continuous security and compliance and prevent misconfigurations through unified visibility and monitoring and real-time automated remediation. Secure configurations and workloads through automated cloud security and vulnerability management across dynamic cloud environments. Manage identity and effective access across ephemeral resources, at scale. InsightCloudSec is a fully-integrated cloud-native security platform, your whole cloud security toolbox in a single solution. Consumer privacy (or the lack thereof) is a huge societal concern and the focus on protecting privacy is manifesting itself through many forms, including regulations like the California Consumer Privacy Act and General Data Protection Regulation.Starting Price: $66,000 per year -
16
ASP.NET
Microsoft
Blazor is a feature of ASP.NET for building interactive web UIs using C# instead of JavaScript. Blazor gives you real .NET running in the browser on WebAssembly. .NET is a developer platform made up of tools, programming languages, and libraries for building many different types of applications. ASP.NET supports industry standard authentication protocols. Built-in features help protect your apps against cross-site scripting (XSS) and cross-site request forgery (CSRF). ASP.NET provides a built-in user database with support for multi-factor authentication and external authentication with Google, Twitter, and more.Starting Price: Free -
17
Kotlin
Kotlin
Easy to pick up, so you can create powerful applications immediately. Compatible with the Java ecosystem. Use your favorite JVM frameworks and libraries. Share application logic between web, mobile, and desktop platforms while keeping an experience native to users. Save time and get the benefit of unlimited access to features specific to these platforms. Kotlin has great support and many contributors in its fast-growing global community. Enjoy the benefits of a rich ecosystem with a wide range of community libraries. Help is never far away — consult extensive community resources or ask the Kotlin team directly. Kotlin Multiplatform Mobile is an SDK for iOS and Android app development. It offers all the combined benefits of creating cross-platform and native apps. Maintain a single codebase for networking, data storage, analytics, and the other logic of your Android and iOS apps.Starting Price: Free -
18
PHP
PHP
Fast, flexible and pragmatic, PHP powers everything from your blog to the most popular websites in the world. The PHP development team announces the immediate availability of PHP 8.0.20. When using the PHP.net website, there is even no need to get to a search box to access the content you would like to see quickly. You can use short PHP.net URLs to access pages directly.Starting Price: Free -
19
Visual Basic
Microsoft
Visual Basic is an object-oriented programming language developed by Microsoft. Using Visual Basic makes it fast and easy to create type-safe .NET apps. Visual Basic focuses on supplying more of the features of the Visual Basic Runtime (microsoft.visualbasic.dll) to .NET Core and is the first version of Visual Basic focused on .NET Core. Many portions of the Visual Basic Runtime depend on WinForms and these will be added in a later version of Visual Basic. .NET is a free, open-source development platform for building many kinds of apps. With .NET, your code and project files look and feel the same no matter which type of app you're building. You have access to the same runtime, API, and language capabilities with each app. A Visual Basic program is built up from standard building blocks. A solution comprises one or more projects. A project in turn can contain one or more assemblies. Each assembly is compiled from one or more source files.Starting Price: Free -
20
Swift
Apple
Writing Swift code is interactive and fun, the syntax is concise yet expressive, and Swift includes modern features developers love. Swift code is safe by design and produces software that runs lightning-fast. Swift is the result of the latest research on programming languages, combined with decades of experience building Apple platforms. Named parameters are expressed in a clean syntax that makes APIs in Swift even easier to read and maintain. Even better, you don’t even need to type semi-colons. Inferred types make code cleaner and less prone to mistakes, while modules eliminate headers and provide namespaces. To best support international languages and emoji, Strings are Unicode-correct and use a UTF-8 based encoding to optimize performance for a wide-variety of use cases. You can even write concurrent code with simple, built-in keywords that define asynchronous behavior, making your code more readable and less error-prone.Starting Price: Free -
21
Ruby
Ruby Language
Wondering why Ruby is so popular? Its fans call it a beautiful, artful language. And yet, they say it’s handy and practical. Since its public release in 1995, Ruby has drawn devoted coders worldwide. In 2006, Ruby achieved mass acceptance. With active user groups formed in the world’s major cities and Ruby-related conferences filled to capacity. Ruby-Talk, the primary mailing list for discussion of the Ruby language, climbed to an average of 200 messages per day in 2006. It has dropped in recent years as the size of the community pushed discussion from one central list into many smaller groups. Ruby is ranked among the top 10 on most of the indices that measure the growth and popularity of programming languages worldwide (such as the TIOBE index). Much of the growth is attributed to the popularity of software written in Ruby, particularly the Ruby on Rails web framework.Starting Price: Free -
22
Scala
Scala
Scala combines object-oriented and functional programming in one concise, high-level language. Scala's static types help avoid bugs in complex applications, and its JVM and JavaScript runtimes let you build high-performance systems with easy access to huge ecosystems of libraries. The Scala compiler is smart about static types. Most of the time, you need not tell it the types of your variables. Instead, its powerful type inference will figure them out for you. In Scala, case classes are used to represent structural data types. They implicitly equip the class with meaningful toString, equals and hashCode methods, as well as the ability to be deconstructed with pattern matching. In Scala, functions are values, and can be defined as anonymous functions with a concise syntax.Starting Price: Free -
23
Perl
Perl
Perl is a highly capable, feature-rich programming language with over 30 years of development. Perl is a highly capable, feature-rich programming language with over 30 years of development. Perl runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. "Perl" is a family of languages, "Raku" (formerly known as "Perl 6") is part of the family, but it is a separate language which has its own development team. Its existence has no significant impact on the continuing development of "Perl". Perl includes powerful tools for processing text that make it ideal for working with HTML, XML, and all other mark-up and natural languages. Perl can handle encrypted Web data, including e-commerce transactions.Starting Price: Free -
24
Go
Golang
With a strong ecosystem of tools and APIs on major cloud providers, it is easier than ever to build services with Go. With popular open source packages and a robust standard library, use Go to create fast and elegant CLIs. With enhanced memory performance and support for several IDEs, Go powers fast and scalable web applications. With fast build times, lean syntax, an automatic formatter and doc generator, Go is built to support both DevOps and SRE. Everything there is to know about Go. Get started on a new project or brush up for your existing Go code. An interactive introduction to Go in three sections. Each section concludes with a few exercises so you can practice what you've learned. The Playground allows anyone with a web browser to write Go code that we immediately compile, link, and run on our servers.Starting Price: Free -
25
Apache Groovy
The Apache Software Foundation
Apache Groovy is a powerful, optionally typed and dynamic language, with static-typing and static compilation capabilities, for the Java platform aimed at improving developer productivity thanks to a concise, familiar and easy to learn syntax. It integrates smoothly with any Java program, and immediately delivers to your application powerful features, including scripting capabilities, Domain-Specific Language authoring, runtime and compile-time meta-programming and functional programming. Concise, readable and expressive syntax, easy to learn for Java developers. Closures, builders, runtime & compile-time meta-programming, functional programming, type inference, and static compilation. Flexible & malleable syntax, advanced integration & customization mechanisms, to integrate readable business rules in your applications. Great for writing concise and maintainable tests, and for all your build and automation tasks.Starting Price: Free -
26
Phoenix Security
Phoenix Security
Phoenix Security enables security, developers, and businesses to all talk the same language. We help security professionals focus on the vulnerabilities that matter most across cloud, infrastructure, and application security. Laser focuses on the 10% of vulnerabilities that matter today, and reduces risk faster with prioritized contextualized vulnerabilities. Threat intelligence automatically in the risk improves efficiency enabling fast reaction. Threat intelligence automatically in the risk improves efficiency enabling fast reaction. Aggregate, correlate and contextualize multiple security tools and data sources, providing your business with unprecedented visibility. Break down the silos between application security, operational security, and the business.Starting Price: $3,782.98 per month -
27
Betterscan.io
Betterscan.io
Reduce MTTD & MTTR with full coverage within minutes of using. Full DevSecOps toolchain across your all environments, implementing and collecting evidence as part of your continuous security. Unified and de-duplicated across all the layers we orchestrate. One line to add several thousand checks + AI. It was built with security in mind, and we have avoided common security mistakes and pitfalls. Understands modern technologies. All are callable via REST API. Integrateable with CI/CD systems, lightweight and fast. You can self-host it for 100% code control and transparency, or run source available binary only in your own CI/CD. Use a source-available solution for complete control and transparency. Trivial setup, no software installation, compatible with many programming languages. Detects more than several thousand code and infrastructure issues and counting. You can review the issues, mark them as false positives, and collaborate on issues.Starting Price: €499 one-time payment -
28
SD Elements
Security Compass
SD Elements (SDE) helps AppSec teams keep up with rising development demands by defining the exact security requirements a project needs early, often cutting review time by 30–50%. As a Security by Design platform, it identifies risks during planning and architecture—when fixes are fastest—and turns them into clear, standards-mapped requirements developers can use. SDE evaluates architecture, data sensitivity, and regulatory needs to generate the right controls with concise implementation guidance. This allows small AppSec teams to support security across 100+ applications without adding headcount while ensuring consistent, standardized requirements across teams and products. The platform integrates with Jira, CI/CD pipelines, and other dev tools so security tasks align with delivery workflows. Directors gain visibility into requirement coverage, security posture, and audit readiness, making it easier to reduce risk, track progress, and report to leadership. -
29
Rapid7 InsightConnect
Rapid7
InsightConnect is Rapid7’s security orchestration, automation and response (SOAR) solution, with which you can accelerate your time-intensive, highly manual incident response and vulnerability management processes. Connect teams across your IT and security systems with clear communication, collaboration, and integration. Streamline your manual, repetitive tasks with connect-and-go workflows, no code necessary. Supercharge your security operations with automation that drives efficiency, without sacrificing analyst control. Streamline and accelerate highly manual, time-intensive, processes 24 hours a day. With more than 300 plugins to connect your IT and security systems, and a library of customizable workflows, you’ll free up your security team to tackle bigger challenges, while still leveraging their expertise. Incident response can be time consuming. If you’re suffering from alert fatigue, you understand. -
30
Flosum
Flosum
A fully native release management and version control system for Salesforce that simply works. Bring together people, processes, and technology to optimize, visualize, and govern business value flow through your entire Salesforce ecosystem. An all-in-one solution for requirements management, version control, deployments and regression testing. Designed with a “clicks not code” approach to achieve the goals that Salesforce developers require, allowing changes to components limited by Git-based solutions, keeping orgs in sync, and executing deployments quicker than ever before. Built to work in the most sophisticated DevOps environments, including integration with Git, Jira, Azure DevOps, Selenium, and many other tools that our clients require. Finish your deployments in minutes, not hours or days. Our click-not-code functionality for DevOps covers all operations seamlessly. We give developers full-scale power tools they need, in the ways they’ve always wanted.
