• A+
  • A-

Checkmarx  is  a  leader  in  Application  Security  testing  solutions. Customers  include  4  of  the  world’s  top  10  software  vendors and  hundreds  of  Fortune  500  and  SMB  organizations  from  all  industries.

Checkmarx  CxSAST  is  a  highly  accurate  and  flexible Source  Code Analysis  product  that  allows  organizations  to  automatically  scan  un-compiled  /  un-built  code  and  identify  hundreds  of  security  vulnerabilities in  the  most  prevalent  coding  languages. 

CxSAST  is  available  as  a  standalone  product  and  can  be  effectively  integrated  into  the  Software  Development  Lifecycle  (SDLC)  to  streamline  detection  and  remediation.  CxSAST  can  be  deployed  on-premise  in  a  private  data  center  or  hosted  via  a  public  cloud.


Checkmarx CxSAST is a unique source code analysis solution that provides tools for identifying, tracking, and repairing technical and logical flaws in the source code, such as security vulnerabilities, compliance issues, and business logic problems.

Without needing to build or compile a software project's source code, CxSAST builds a logical graph of the code's elements and flows. CxSAST then queries this internal code graph. CxSAST comes with an extensive list of hundreds of preconfigured queries for known security vulnerabilities for each programming language. Using the CxSAST Auditor tool, you can configure your own additional queries for security, QA, and business logic purposes.

CxSAST provides scan results either as static reports, or in an interactive interface that enables tracking runtime behavior per vulnerability through the code, and provides tools and guidelines for remediation. Results can be customized to eliminate false positives, and various types of workflow metadata can be added to each result instance. These metadata are maintained through subsequent scans, as long as the instance continues to be found.

CxSAST scans can be manually activatedperiodically scheduled, or initiated upon build by one of our integrated build systems.

CxSAST also supports a wide range of OS platforms, programming languages and frameworks.

CxSAST is deployed on a server and accessed by users via our web interface or one of our IDE plugins (EclipseVisual Studio and IntelliJ).


Sign up for our e-newsletter list!