Best IT Security Software for Checkmarx
View:
Compare the Top IT Security Software that integrates with Checkmarx as of June 2025
Sort By:
This a list of IT Security software that integrates with Checkmarx. Use the filters on the left to add additional filters for products that have integrations with Checkmarx. View the products that work with Checkmarx in the table below.
What is IT Security Software for Checkmarx?
IT security software is designed to protect information technology (IT) systems, networks, and data from cyber threats, such as malware, hacking, and unauthorized access. These tools provide various features such as antivirus protection, firewalls, encryption, intrusion detection and prevention systems, and vulnerability management to ensure the integrity, confidentiality, and availability of sensitive information. IT security software helps organizations detect, prevent, and respond to security incidents, mitigate risks, and ensure compliance with industry regulations. It is critical for businesses and individuals to safeguard against cyberattacks, data breaches, and other security vulnerabilities. Compare and read user reviews of the best IT Security software for Checkmarx currently available using the table below. This list is updated regularly.
-
1
Nucleus
Nucleus
Nucleus is redefining the vulnerability management software category as the single source of record for all assets, vulnerabilities, and associated data. We unlock the value you’re not getting from existing tools and place you squarely on the path to program maturity by unifying the people, processes, and technology involved in vulnerability management. With Nucleus, you receive unmatched visibility into your program and a suite of tools with functionality that simply can’t be replicated in any other way. Nucleus is the single shift-left tool that unifies development and security operations. It unlocks the value you’re not getting out of your existing tools and puts you on the path to unifying the people, processes, and technology involved in addressing vulnerabilities and code weaknesses. With Nucleus, you’ll get unmatched pipeline integration, tracking, triage, automation and reporting capabilities and a suite of tools with functionality.Starting Price: $10 per user per year -
2
Axonius
Axonius
Axonius gives customers the confidence to control complexity by providing a system of record for all digital infrastructure. With a comprehensive understanding of all assets including devices, identities, software, SaaS applications, vulnerabilities, security controls, and the context between all assets, customers are able to mitigate threats, navigate risk, decrease incident response time, automate action, and inform business-level strategy — all while eliminating manual, repetitive tasks. Recognized as creators of the Cyber Asset Attack Surface Management (CAASM) category and innovators in SaaS Management Platform (SMP) and SaaS Security Posture Management (SSPM), Axonius is deployed in minutes and integrates with hundreds of data sources to provide a comprehensive asset inventory, uncover gaps, and automatically enforce policies and automate action. -
3
JupiterOne
JupiterOne
JupiterOne is a cyber asset analysis platform every modern security team needs to collect and transform asset data into actionable insights to secure their attack surface. JupiterOne was created to make security as simple as asking a question and getting the right answer back, with context, to make the right decision. With JupiterOne, organizations are able to see all asset data in a single place, improve confidence in choosing their priorities and optimize the deployment of their existing security infrastructure.Starting Price: $2000 per month -
4
Vulcan Cyber
Vulcan Cyber
At Vulcan Cyber we’re changing the way businesses reduce cyber risk through vulnerability remediation orchestration. We help IT security teams go beyond remedial vulnerability management to help them drive vulnerability remediation outcomes. The Vulcan platform consolidates vulnerability and asset data, with threat intelligence and customizable risk parameters to deliver risk-based vulnerability prioritization insights. But we don't stop there. Vulcan remediation intelligence takes the vulnerabilities that matter to your business and attaches the remedies and fixes needed to mitigate the threat. Then Vulcan orchestrates and measures the rest of the remediation process with integrations and inputs into application security, DevSecOps, patch management, configuration management, and cloud security tools, teams and functions. From scan to fix, Vulcan Cyber delivers the unique ability to orchestrate the entire vulnerability remediation process to GET FIX DONE at scale.Starting Price: $999 / month -
5
InsightCloudSec
Rapid7
You transform your business, we’ll keep your cloud services secure. InsightCloudSec enables you to drive innovation through continuous security and compliance. Achieve continuous security and compliance and prevent misconfigurations through unified visibility and monitoring and real-time automated remediation. Secure configurations and workloads through automated cloud security and vulnerability management across dynamic cloud environments. Manage identity and effective access across ephemeral resources, at scale. InsightCloudSec is a fully-integrated cloud-native security platform, your whole cloud security toolbox in a single solution. Consumer privacy (or the lack thereof) is a huge societal concern and the focus on protecting privacy is manifesting itself through many forms, including regulations like the California Consumer Privacy Act and General Data Protection Regulation.Starting Price: $66,000 per year -
6
Phoenix Security
Phoenix Security
Phoenix Security enables security, developers, and businesses to all talk the same language. We help security professionals focus on the vulnerabilities that matter most across cloud, infrastructure, and application security. Laser focuses on the 10% of vulnerabilities that matter today, and reduces risk faster with prioritized contextualized vulnerabilities. Threat intelligence automatically in the risk improves efficiency enabling fast reaction. Threat intelligence automatically in the risk improves efficiency enabling fast reaction. Aggregate, correlate and contextualize multiple security tools and data sources, providing your business with unprecedented visibility. Break down the silos between application security, operational security, and the business.Starting Price: $3,782.98 per month -
7
Betterscan.io
Betterscan.io
Reduce MTTD & MTTR with full coverage within minutes of using. Full DevSecOps toolchain across your all environments, implementing and collecting evidence as part of your continuous security. Unified and de-duplicated across all the layers we orchestrate. One line to add several thousand checks + AI. It was built with security in mind, and we have avoided common security mistakes and pitfalls. Understands modern technologies. All are callable via REST API. Integrateable with CI/CD systems, lightweight and fast. You can self-host it for 100% code control and transparency, or run source available binary only in your own CI/CD. Use a source-available solution for complete control and transparency. Trivial setup, no software installation, compatible with many programming languages. Detects more than several thousand code and infrastructure issues and counting. You can review the issues, mark them as false positives, and collaborate on issues.Starting Price: €499 one-time payment -
8
SD Elements
Security Compass
Security Compass, a pioneer in application security, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows. Its flagship product, SD Elements, helps organizations accelerate software time to market and reduce cyber risks by taking an automated, developer-centric approach to threat modeling, secure development, and compliance. Security Compass is the trusted solution provider to leading financial and technology organizations, the U.S. Department of Defense, government agencies, and renowned global brands across multiple industries. -
9
Rapid7 InsightConnect
Rapid7
InsightConnect is Rapid7’s security orchestration, automation and response (SOAR) solution, with which you can accelerate your time-intensive, highly manual incident response and vulnerability management processes. Connect teams across your IT and security systems with clear communication, collaboration, and integration. Streamline your manual, repetitive tasks with connect-and-go workflows, no code necessary. Supercharge your security operations with automation that drives efficiency, without sacrificing analyst control. Streamline and accelerate highly manual, time-intensive, processes 24 hours a day. With more than 300 plugins to connect your IT and security systems, and a library of customizable workflows, you’ll free up your security team to tackle bigger challenges, while still leveraging their expertise. Incident response can be time consuming. If you’re suffering from alert fatigue, you understand. -
10
Harness
Harness
Harness is an AI-native software delivery platform that helps engineering teams achieve excellence by automating and streamlining the entire software delivery lifecycle. It enables continuous integration, continuous delivery, and GitOps for multi-cloud, multi-region deployments with increased speed and reliability. Harness simplifies infrastructure as code, database DevOps, and artifact management to improve collaboration and reduce errors. The platform offers AI-powered testing, incident response, chaos engineering, and feature management to enhance quality and resilience. Harness also provides cloud cost management, security testing orchestration, and developer insights to optimize performance and governance. Trusted by leading enterprises, Harness accelerates innovation while reducing manual effort and risk. -
11
Kondukto
Kondukto
The Kondukto platform’s flexible design allows you to create custom workflows for responding to risks quickly and efficiently. Take advantage of more than 25 built-in open-source tools ready to run SAST, DAST, SCA, and Container Image scans within minutes without a need for installation, maintenance, or updates. Protect your corporate memory from changes in employees, scanners, or DevOps tools. All security data, statistics, and activities in one place for you to own. Avoid vendor lock or loss of historical data when you need to change an AppSec tool. Verify fixes automatically to ensure better collaboration and less distraction. Boost efficiency by eliminating redundant conversations between AppSec and development teams.Starting Price: $12,000 per annually -
12
Conviso Platform
Conviso Platform
Gain a complete view of your application security. Increase security maturity in your secure development process, and reduce the risks associated with your products. Application Security Posture Management (ASPM) solutions play a crucial role in the ongoing management of application risks, addressing security issues from the development phase to deployment. Efficiently managing an AppSec program, dealing with a growing number of products, and lacking a comprehensive view of vulnerabilities are typically significant challenges for the development team. We enhance the evolution of maturity by supporting the implementation of AppSec programs, monitoring established and executed actions, KPIs, and much more. We enable security to be incorporated into the early stages of development by defining requirements, processes, and policies and optimizing resources and time invested in additional testing or validations.Starting Price: $20.99 per asset -
13
Seeker
Black Duck
Seeker® is an interactive application security testing (IAST) solution that provides unparalleled visibility into your web application's security posture. It identifies vulnerability trends against compliance standards such as OWASP Top 10, PCI DSS, GDPR, CAPEC, and CWE/SANS Top 25. Seeker enables security teams to track sensitive data, ensuring it is handled securely and not stored in log files or databases without proper encryption. Its seamless integration into DevOps CI/CD workflows allows for continuous application security testing and verification. Unlike other IAST solutions, Seeker not only identifies security vulnerabilities but also verifies their exploitability, providing developers with a prioritized list of confirmed issues to address. By employing patented methods, Seeker processes extensive HTTP(S) requests swiftly, reducing false positives to near zero and enhancing productivity while minimizing business risk. -
14
Optiv Managed XDR
Optiv
Attackers are stealthy, relentless and motivated, and might use the same tools you do. They hide in your environment and quickly expand access. We understand the cyber ecosystem because it’s where we live, it’s where we operate. Our MXDR solution’s secret sauce derives from that pedigree, tested processes, proven IP, best-of-breed technology, leveraged automation and providing top-shelf talent to manage it all. Let’s collaborate and develop a custom solution with comprehensive threat visibility, accelerated incident identification, investigation, triage and mitigation actions to protect your enterprise from attacks and threats. We’ll start with your existing investments in endpoint, network, cloud, email and OT/IoT tools. Our experts will get those on the same team, actual technology orchestration! Reduces the attack surface, detects threats faster and automates deep investigation through a continuous approach. -
15
Enso
Enso Security
Enso is transforming application security by empowering organizations to build, manage and scale their AppSec programs. Its Application Security Posture Management (ASPM) platform easily deploys into an organization’s environment to create an actionable, unified inventory of all application assets, their owners, security posture and associated risk. With Enso Security, AppSec teams gain the capacity to manage the tools, people and processes involved in application security, enabling them to build a simplified, agile and scalable application security program without interfering with development. Enso has been recognized with numerous awards including the 2022 Excellence Awards, Globee Awards, and Forbes Top 20 Cybersecurity Startups to Watch. -
16
Seemplicity
Seemplicity
The fundamentals of workplace productivity have been redefined with automated workflows in nearly all domains. But what about security? When it comes to driving risk down, security teams are forced to play air traffic controller, deduplicating, sorting, and prioritizing every security finding that comes in, then routing and following up with developers all across the organization to make sure problems get fixed. The result, is a massive administrative burden on an already resource-constrained team, stubbornly long time-to-remediation, friction between security and development, and an inability to scale. Seemplicity revolutionizes the way security teams work by automating, optimizing, and scaling all risk reduction workflows in one workspace. Aggregated findings with the same solution on the same resource. Exceptions, such as rejected tickets or tickets with a fixed status but an open finding, are automatically redirected to the security team for review. -
17
ArmorCode
ArmorCode
Centralize all AppSec findings (SAST, DAST, SCA, etc) and correlate with infrastructure and cloud security vulnerabilities to get a 360o view of you application security posture. Normalize, de-dup and correlate findings to improve risk mitigation efficiency and prioritize the findings that impact the business. A single source of truth for findings and remediations from across tools, teams and applications. AppSecOps is the process of identifying, prioritizing, remediating and preventing Security breaches, vulnerabilities and risks - fully integrated with existing DevSecOps workflows, teams and tools An AppSecOps platform enables security teams to scale their ability to successfully identify, remediate and prevent high-priority application level security, vulnerability, and compliance issues, as well as identify and eliminate coverage gaps. -
18
Tromzo
Tromzo
Tromzo builds deep environmental and organizational context from code to cloud so you can accelerate the remediation of critical risks across the software supply chain. Tromzo accelerates the remediation of risks at every layer from code to cloud. We do this by building a prioritized risk view of the entire software supply chain with context from code to cloud. This context helps our users understand which few assets are critical to the business, prevent risks from being introduced to those critical assets, and automate the remediation lifecycle of the few issues that truly matter. Contextual software asset inventory (code repos, software dependencies, SBOMs, containers, microservices, etc.), so you know what you have, who owns them, and which ones are important to the business. Understand the security posture for every team with SLA compliance, MTTR, and other custom KPIs, so you can drive risk remediation and accountability across the organization. -
19
Maverix
Maverix
Maverix blends itself into the existing DevOps process, brings all required integrations with software engineering and application security tools, and manages the application security testing process end to end. AI-based automation for security issues management including detection, grouping, prioritization, filtration, synchronization, control of fixes, and support of mitigation rules. Best-in-class DevSecOps data warehouse for full visibility into application security improvements over time and team efficiency. Security issues can be easily tracked, triaged, and prioritized – all from a single user interface for the security team, with integrations to third-party products. Gain full visibility into application production readiness and application security improvements over time. -
20
Opus Security
Opus Security
Prioritize what really matters based on risk, contextual analysis, and event de-duplication. Manage the full remediation lifecycle and eliminate manual effort from the remediation process by introducing automation throughout. Drive cross-organizational initiatives with ease. Consolidate all your issues across posture management and vulnerability tools. Drastically reduce the number of issues by identifying common root causes, and get clear visibility and in-depth reporting. Effectively collaborate with distributed teams within their own tools. Deliver a personalized, relevant experience for every engineer. Provide actionable remediation guidance and practical code suggestions. Easily adapt to your own organizational structure. A centralized, unified platform designed to drive effective remediation across any attack surface, any tool, and any stakeholder. Easily integrating with existing posture management and vulnerability tools, Opus provides much-needed visibility. -
21
Blink
Blink Ops
Blink is an ROI force multiplier for security teams and business leaders looking to quickly and easily secure a wide variety of use cases. Get full visibility and coverage of alerts across your organization and security stack. Utilize automated flows to reduce noise and false positives in alerts. Scan for attacks and proactively identify insider threats and vulnerabilities. Create automated workflows that add relevant context, streamline communications, and reduce MTTR. Take action on alerts and improve your cloud security posture with no-code automation and generative AI. Shift-left access requests, streamline approvals flows, and unblock developers while keeping your applications secure. Continuously monitor your application for SOC2, ISO, GDPR, or other compliance checks and enforce controls. -
22
RiskApp
RiskApp
With RiskApp, you will have the ability to centralize your AppSec data sources, normalize them, and deduplicate the data. RiskApp then helps you understand your unique AppSec posture. Helping you to prioritize where to take action and set your custom RiskAppetite. RiskApp empowers organizations to centralize their application security data, bringing together fragmented tools and processes into a unified platform. Gain a single source of truth for your application security posture. Unlock the power of RiskApp's advanced analytics and insights. Understand and prioritize your application security comprehensively, from vulnerabilities to threat trends. Make data-driven decisions to fortify your defenses and stay ahead of emerging risks. RiskApp simplifies communication between teams via multiple collaboration tools as well as GRC. This enables the RiskApp platform to break barriers between developers and the security team. -
23
Mindflow
Mindflow
Embrace hyper-automation at scale with intuitive no-code & AI-generated flows. Access every tool you need through the most extensive integration library ever provided. Pick the service you want from the Integrations library and automate your way. Onboard and build your first workflows in minutes. Use pre-built templates if you need them, help yourself with the AI assistant, or benefit from the Mindflow excellence center. Type your input in plain-language text and let Mindflow do the rest. Generate workflows adapted to your tech stack from any input. Create AI-generated workflows to help you address any use case and reduce the building time to the minimum. Mindflow redefines enterprise automation, offering an extensive catalog of integrations. Add any new tool to our platform within minutes, breaking the barriers of traditional integration. Connect and orchestrate your tech stack, no matter the tools you use. -
24
AppSOC
AppSOC
Coverage for a wide variety of security scanners - infrastructure, platforms, and applications. Create a single policy to apply across all the scanners in the pipeline - any microservice or application. Enriched software bill of material with information from your SCA platform and multiple scanners. With unified application and vulnerability correlation information reporting, business executives and product owners can accelerate the time to market. With automated triaging, deduping and 95% noise reduction, you know exactly the vulnerabilities to focus on. With workflow automation, risk-based triaging and prioritization, you can now scale instead of manually chasing every issue. With machine learning based correlation and application level risk scoring you have an exact understanding of impact of every vulnerability on your compliance. -
25
Bizzy
Cyberwise
Detecting potential vulnerabilities, aggregating, enriching, and prioritizing them, and taking rapid action is critical in today's world to enhance our resilience against cyber threats. This capability should also be continuous. Bizzy platform reinforces cyber security resilience through prioritization, automation, Big Data analytics, machine learning, and vulnerability management capabilities, enabling continuous, rapid, and precise actions. Today, in order to increase our resilience against cyber attacks, we are able to be informed quickly about the vulnerabilities, bringing them together, It is important that we have the ability to relate and take quick action. carries. This ability should also carry continuity. Bizzy platform with prioritization, automation, and Big Data analysis is continuous, fast, and accurate actionable vulnerability management features It contributes to increasing the security resilience. -
26
Akitra Andromeda
Akitra
Akitra Andromeda is a next-generation, AI-enabled compliance automation platform designed to streamline and simplify regulatory adherence for businesses of all sizes. It supports a wide range of compliance frameworks, including SOC 2, ISO 27001, HIPAA, PCI DSS, SOC 1, GDPR, NIST 800-53, and custom frameworks, enabling organizations to achieve continuous compliance efficiently. The platform offers over 240 integrations with major cloud platforms and SaaS services, facilitating seamless incorporation into existing workflows. Akitra's automation capabilities reduce the time and cost associated with manual compliance management by automating monitoring and evidence-gathering processes. The platform provides a comprehensive template library for policies and controls, assisting organizations in establishing a complete compliance program. Continuous monitoring ensures that assets remain secure and compliant around the clock. -
27
Cider
Cider
Gain granular visibility with engineering technologies, systems, and processes, all the way from code to deployment. Easily connect Cider to your ecosystem and seamlessly integrate security without interrupting engineering. Optimize your CI/CD security, based on a set of prioritized risks and recommendations tailored to your environment. Cider seamlessly integrates with all systems across your CI/CD and provides you with a comprehensive and accurate analysis of all technologies, frameworks, and integrations which exist in the environment. Cider maps all intelligent connections within your environment to create end-to-end visibility over the full CI/CD journey, all the way from SCM user to an artifact deployed to production. Assess the posture of your engineering systems and processes. Analyze your environment against realistic attack scenarios and identify the controls required to reduce your CI/CD attack surface.
- Previous
- You're on page 1
- Next