Checkmarx
Founded Year
2006Stage
Acq - Fin | AliveTotal Raised
$98.5MValuation
$0000Mosaic Score The Mosaic Score is an algorithm that measures the overall financial health and market potential of private companies.
-22 points in the past 30 days
About Checkmarx
Checkmarx operates as an application security testing company. It provides software solutions to identify, fix, and block security vulnerabilities in websites and mobile applications. It also provides a way for organizations to introduce security into their software development lifecycle. The company was founded in 2006 and is based in Atlanta, Georgia.
Loading...
ESPs containing Checkmarx
The ESP matrix leverages data and analyst insight to identify and rank leading companies in a given technology landscape.
The container & kubernetes security market focuses on providing security solutions and practices specifically designed for containerized environments and Kubernetes orchestration platforms. With the widespread adoption of containers and Kubernetes for deploying and managing applications, ensuring the security of these environments has become crucial. Container & kubernetes security solutions offer…
Checkmarx named as Outperformer among 15 other companies, including Microsoft, Palo Alto Networks, and Synopsys.
Loading...
Research containing Checkmarx
Get data-driven expert analysis from the CB Insights Intelligence Unit.
CB Insights Intelligence Analysts have mentioned Checkmarx in 3 CB Insights research briefs, most recently on Feb 20, 2024.
Feb 20, 2024
The hardware security market map
Jul 28, 2023
The cloud security market map
Expert Collections containing Checkmarx
Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.
Checkmarx is included in 4 Expert Collections, including Conference Exhibitors.
Conference Exhibitors
5,302 items
Cybersecurity
10,088 items
These companies protect organizations from digital threats.
Tech IPO Pipeline
257 items
The tech companies we think could hit the public markets next, according to CB Insights data.
Defense Tech
1,273 items
Defense tech is a broad field that encompasses everything from weapons systems and equipment to geospatial intelligence and robotics. Company categorization is not mutually exclusive.
Checkmarx Patents
Checkmarx has filed 11 patents.
The 3 most popular patent topics include:
- software testing
- barcodes
- computer security
Application Date | Grant Date | Title | Related Topics | Status |
|---|---|---|---|---|
7/22/2021 | 12/5/2023 | Software testing, Computer security exploits, Static program analysis tools, Software design patterns, Computer security | Grant |
Application Date | 7/22/2021 |
|---|---|
Grant Date | 12/5/2023 |
Title | |
Related Topics | Software testing, Computer security exploits, Static program analysis tools, Software design patterns, Computer security |
Status | Grant |
Latest Checkmarx News
Nov 4, 2024
Supply Chain Attack Uses Smart Contracts for C2 Ops Security researchers claim to have discovered the first-ever open source supply chain attack combining blockchain technology with traditional attack vectors. Checkmarx said it found the malicious “jest-fet-mock” package on npm. It spoofs two legitimate and widely used JavaScript testing utilities: “fetch-mock-jest” and “Jest-Fetch-Mock.” “The attacker used a classic typosquatting technique by misspelling ‘fetch’ as ‘fet’ while maintaining the key terms ‘jest’ and ‘mock,’” it wrote. “Given that the legitimate packages are primarily used in development environments where developers typically have elevated system privileges, and are often integrated into CI/CD pipelines, we believe this attack specifically targets development infrastructure through the compromise of testing environments.” However, the really novel part of the attack chain comes once the victim downloads the malicious package. “When executed, the malware interacts with a smart contract at address ‘0xa1b40044EBc2794f207D45143Bd82a1B86156c6b.’ Specifically, it calls the contract ‘getString’ method, passing ‘0x52221c293a21D8CA7AFD01Ac6bFAC7175D590A84’ as a parameter to retrieve its [command-and-control] C2 server address,” Checkmarx explained. “By using the blockchain in this way, the attackers gain two key advantages: their infrastructure becomes virtually impossible to take down due to the blockchain’s immutable nature, and the decentralized architecture makes it extremely difficult to block these communications.” This provides the threat actors with greater agility. Rather than hardcoding C2 server addresses in the malware, they simply update the smart contract whenever needed to point to a new server. Thus, even if network defenders block one C2 server, their adversaries can simply switch to a new one by updating the contract. “The discovery of ‘jest-fet-mock’ reveals how threat actors are finding different ways to compromise the software supply chain,” Checkmarx concluded. “This case serves as an important reminder for development teams to implement strict security controls around package management and carefully verify the authenticity of testing utilities, especially those requiring elevated privileges.” You may also like Read
Checkmarx Frequently Asked Questions (FAQ)
When was Checkmarx founded?
Checkmarx was founded in 2006.
Where is Checkmarx's headquarters?
Checkmarx's headquarters is located at 7000 Central Parkway, Atlanta.
What is Checkmarx's latest funding round?
Checkmarx's latest funding round is Acq - Fin.
How much did Checkmarx raise?
Checkmarx raised a total of $98.5M.
Who are the investors of Checkmarx?
Investors of Checkmarx include Hellman & Friedman, TPG, Insight Partners, Salesforce Ventures, XT Investments and 4 more.
Who are Checkmarx's competitors?
Competitors of Checkmarx include Vidoc Security Lab, PortSwigger, MergeBase, Oxeye, Myrror Security and 7 more.
Loading...
Compare Checkmarx to Competitors
Snyk focuses on developer security within the technology industry. The company offers services that help developers build secure applications and allow security teams to meet the demands of the digital world. Its services include finding and fixing vulnerabilities in code, dependencies, containers, and infrastructure as code. It was founded in 2015 and is based in Boston, Massachusetts.
Veracode focuses on intelligent software security in the technology industry. The company offers a software security platform to continuously find and fix flaws and vulnerabilities in software throughout the development lifecycle using artificial intelligence (AI). It primarily sells to sectors such as the public sector, financial services, software and technology, retail and e-commerce, and healthcare. Veracode was formerly known as Veracode Securities Corporation. It was founded in 2006 and is based in Burlington, Massachusetts.
StackHawk focuses on application and application programming interface (API) security testing in the technology sector. The company provides services that enable developers to find, understand, and fix security vulnerabilities in their software before it is shipped, with a particular emphasis on integrating these services into continuous integration and continuous delivery (CI/CD) workflows. It primarily serves the software development and cybersecurity industries. It was founded in 2019 and is based in Denver, Colorado.
Invicti Security is a company that focuses on web application security in the information technology and cybersecurity industry. The company offers automated application security testing services, enabling organizations to continuously scan and secure their web applications and APIs. Invicti primarily serves sectors such as IT & Telecom, Government, Financial Services, Education, and Healthcare. Invicti Security was formerly known as Mavituna Security. It was founded in 2005 and is based in Austin, Texas.
ImmuniWeb is a cybersecurity company focused on application security testing, attack surface management, and dark web monitoring. The company offers a suite of services including penetration testing, vulnerability scanning, and security monitoring to secure web and mobile applications, cloud services, and network infrastructure. ImmuniWeb's AI Platform is designed to prevent supply chain attacks, data breaches, and ensure compliance with various regulatory requirements. ImmuniWeb was formerly known as High-Tech Bridge. It was founded in 2019 and is based in Geneva, Switzerland.
Contrast Security specializes in modernized application security within the cybersecurity industry. The company offers a platform that embeds code analysis and attack prevention directly into software, providing integrated, comprehensive security observability for accurate assessment and continuous protection of an entire application portfolio. Contrast Security's solutions cater to developers, AppSec teams, and SecOps teams, aiming to protect applications from known and unknown threats without the need for disruptive scanning or specialized security experts. It was founded in 2014 and is based in Los Altos, California.
Loading...