Checkmarx Expands its U.S. Federal Government Cloud Service Offerings as it Initiates the Process for a FedRAMP Authorization

4 min.

October 31, 2022

The Checkmarx One™ Application Security Platform is preparing to meet the rigorous requirements of FedRAMP alongside the currently authorized Checkmarx CxSAST

ATLANTA, GA – October 31, 2022Checkmarx, the global leader in developer-centric application security testing (AST) solutions, today announced that it has initiated the process to achieve Federal Risk and Authorization Management program (FedRAMP®) authorization status for its Checkmarx One™ Application Security Platform. FedRAMP promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services.

The company has engaged stackArmor, Inc., a leading provider of FedRAMP engineering and advisory services, to guide Checkmarx through the FedRAMP authorization process. For over 10 years, the experts at stackArmor have been guiding cloud service providers through the process of meeting government compliance standards including the Federal Information Security Modernization Act (FISMA), FedRAMP, and standards set by the National Institute of Standards and Technology (NIST).

“Once authorized, the award-winning Checkmarx One will bring a streamlined, scalable and state-of-the-art application security platform to government customers at a time when AppSec has never been more critical,” said Checkmarx CEO Emmanuel Benzaquen. “Simplicity and ease for both developers and AppSec leaders are critical when delivery deadlines are shrinking, and the threat landscape is expanding.”

The FASTTR ATO offering was developed by stackArmor to accelerate FedRAMP, FISMA and CMMC ATOs for customers in hyper-regulated markets. FASTTR, stands for Faster ATO with Splunk, Telos and ThreatAlert® for Regulated Markets, enhances stackArmor’s ThreatAlert® ATO Accelerator with Telos’ Xacta360 for security compliance and OSCAL automation and Splunk for security information and event management. 

“We created the FASTTR initiative to help our customers reduce the time and costs associated with achieving FedRAMP compliance accreditations,” said Martin Rieger, Chief Solutions Officer, stackArmor. “With Checkmarx leveraging our ATO Acceleration solution, we are looking forward to reducing the time and cost with meeting FedRAMP compliance requirements and accelerating the availability of Checkmarx’ industry leading application security testing services for federal agencies.”

Checkmarx’ pioneering application security testing solutions, Checkmarx Static Application Security Testing (SAST) and Checkmarx Software Composition Analysis (SCA), have been FedRAMP-authorized for use with Project Hosts FedRAMP moderate PaaS since 2016. Completion of the authorization process for Checkmarx One will give development and application security teams at federal agencies access to the company’s market-leading application security platform to secure the entire modern application landscape, including:

  • Custom source code
  • Open source packages
  • The software supply chain
  • Infrastructure-as-code (IaC)
  • APIs
  • Containers

“We’re pleased to be working with stackArmor, a trusted and proven partner in the U.S. federal market, to help bring a uniquely efficient and powerful solution to U.S. government agencies,” said Randall Belknap, U.S. Public Sector Regional Vice President at Checkmarx. “President Biden’s Executive Order 14028 highlights the critical importance of incorporating supply chain security and software bills of materials (SBOMs) within modern application security. Checkmarx stands ready to help agencies prepare now for the standardized approach to cybersecurity that will soon result from the work of the Department of Homeland Security (DHS) – Cybersecurity and Infrastructure Security Agency (CISA) with the General Services Administration (GSA) and the Office of Management and Budget (OMB) to modernize FedRAMP.”

Unlike other solutions, the Checkmarx One platform is highly scalable and integrates seamlessly with developers’ tools and integrated development environments of choice. The platform’s context-sensitive correlation engine, Checkmarx Fusion, and comprehensive threat modeling are unique capabilities that enable a complete and advanced application security approach. Earlier this year, Checkmarx was named a Leader in the 2022 Gartner Magic Quadrant™ for Application Security Testing, its fifth consecutive designation as a Leader. To learn more about Checkmarx or the Checkmarx One platform, visit www.checkmarx.com.

About stackArmor

stackArmor delivers cloud security, compliance, and managed services solutions to commercial and government customers. Based in the Washington D.C. metro area, the company is a specialist in providing acceleration solutions on AWS and AWS GovCloud for meeting FedRAMP and other Government-centric security frameworks. Its services extend to the provision of advisory, cybersecurity engineering, package documentation, and continuous monitoring solutions for customers in regulated markets such as government, the public sector, defense, space, aerospace, healthcare, and education.

About Checkmarx

Checkmarx is constantly pushing the boundaries of Application Security (AppSec) Testing to make security seamless and simple for the world’s developers while giving CISOs the confidence and control they need. As the AppSec leader, Checkmarx offers the industry’s most comprehensive AppSec platform, Checkmarx One, that provides developers and security teams with unparalleled accuracy, coverage, visibility and guidance to reduce risk across all components of modern software—including proprietary code, open source, APIs and infrastructure as code. Over 1,800 customers worldwide, including U.S. public sector agencies and nearly half of the Fortune 50, trust Checkmarx security technology, expert research, and global services to securely optimize development at speed and scale. For more information, visit the Checkmarx website, check out the blog or follow the company on LinkedIn.

Media Contact

Katie Brookes

Merritt Group for Checkmarx

brookes@merrittgrp.com

Read More

Want to learn more? Here are some additional pieces for you to read.