Agentic software safety firm Checkmarx immediately unveiled Checkmarx One, a platform constructed for the age of agentic improvement.
The platform embeds agentic, AI-driven safety throughout code, dependencies, AI property and runtime, which allows enterprises to have oversight and visibility into safety proper from the beginning.
“Conventional AppSec was by no means constructed to take care of AI coding,” the place code is generated at machine pace, Eran Kinsbruner, vice chairman of promoting at Checkmarx, instructed SD Instances. “Once you speak about AI, you speak about unprecedented scale and pace. And the one technique to keep on high of that’s by matching the very same capabilities, particularly on the pace and scale.”
Kinsbruner pointed that in the event you merely belief the 1000’s of strains of code that AI can generate in minutes or much less, you’ll be making a construct with none code high quality, evaluation and safety. “And, in the event you’re passing within the AI scale and pace section of the IDE, otherwise you’re going to merge AI code into current legacy code, then you definately’re shifting in direction of the supply management, administration, the CI/CD pipeline, and [in terms of security], it’s already too late. The code is already shifting to the following process. So it’s form of an countless loop right here that you must govern” to make sure safety.
Checkmarx views this as an evolution from the software program improvement life cycle to the agentic improvement life cycle, Kinsbruner mentioned. “The way in which we see the agentic improvement life cycle, you’ve got a number of management factors. In the event you’re in a position to govern these management factors with automated AI code opinions, AI high quality checks, but additionally agentic AI safety within the coding section inside the IDE, then after the pull request, in the event you missed something within the coding and all through all the AI provide chain up till manufacturing, you possibly can vibe code efficiently, securely, and you’ll truly bridge the danger hole that we’re speaking about between velocity and safety. As a result of proper now, that is form of the barrier you’ve got, a spot between the rate that AI provides you as a software program engineer or AI engineer and the safety that you’ve got on the finish of the highway.”
On the core of the reimagined Checkmarx One platform is a brand new structure powered by agentic safety brokers and AI-native intelligence throughout the software program and AI provide chain.
In line with the corporate’s launch, key improvements inside Checkmarx One embrace:
Triage Help, an autonomous AI agent that prioritizes vulnerabilities in supply management based mostly on real-world exploitability and contextual threat, enabling groups to concentrate on what really issues relatively than static severity scores.
Remediation Help, generates review-ready fixes for validated vulnerabilities earlier than code merges, accelerating safe supply and lowering handbook remediation overhead.
AI Provide Chain Safety, a centralized governance and visibility layer for AI elements embedded in fashionable functions. It discovers hidden AI property, together with fashions, brokers, datasets, prompts, and AI-BOM parts, detects model-loading and execution dangers, and enforces coverage inside current improvement workflows.
AI SAST, a hybrid LLM-powered and query-based evaluation engine that expands detection throughout rising, unsupported, and AI-generated programming languages, extending safety past conventional rules-based scanning.
DAST for AI, a next-generation dynamic evaluation engine that strengthens runtime safety throughout CI/CD and manufacturing environments, supporting versatile testing methods for AI-accelerated functions.
Collectively, the corporate mentioned in its announcement, these improvements “shift software safety from reactive evaluation to agentic governance, aligned with the pace and complexity of AI-driven software program improvement.”
“AI has compressed the software program improvement lifecycle from months to minutes,” Jonathan Rende, chief product officer at Checkmarx, mentioned within the announcement. “When functions transfer that quick, threat compounds simply as rapidly. Our redesigned agentic platform permits improvement organizations to innovate at machine pace whereas securing AI generated functions to guard the enterprise.”