Checkmarx: Primed for Growth and Success

Can you elaborate on two milestones from Checkmarx over the past 12 months? 

First and foremost, Checkmarx achieved unicorn status in 2020 when we made a deal with U.S. private equity firm Hellman & Friedman to be acquired for $1.15B. This was a pivotal moment in the industry, as it was the largest acquisition of an AppSec company to-date. Not only does this signify just how essential application security has become, but it also recognises our unique approach to AST, our business model, and overall trajectory. This partnership will further propel us forward and strengthen our ability to grow and innovate.

Second was the launch of our new, next-gen software composition analysis solution, CxSCA. With this, security and development teams are empowered to easily identify, prioritise, and remediate vulnerabilities within open source software. The true value of CxSCA is realised when combined with our SAST solution, CxSAST, allowing developers to secure both custom and open source code via one unified platform.

How is Checkmarx enabling businesses to stay secure and identify vulnerabilities efficiently? 

Developers are under immense pressure to develop and deliver software as quickly as possible in order to keep their organisations competitive and relevant. This has only been further exacerbated in the past year, as the global pandemic has put digital transformation on steroids, so to speak.

However, this heightened focus on speed often causes security to fall by the wayside. By not embedding security into software development from the start, organisations are ironically setting themselves up for slowdowns or, worse, security incidents down the line.

We’ve placed a big emphasis on educating the market about the value of automated application security testing (AST) and how industry-leading solutions can help developers achieve both speed and security with their software development efforts. Traditional approaches like pen testing and one-stop shop solutions are no longer enough for securing today’s complex software. Platforms that insert automated security testing throughout all stages of the SDLC are critical.

What are the cybersecurity trends that will shape the coming year and for the Middle East specifically? 

There are a few things in particular I’m expecting:

• Shift to the cloud: Many of our customers and prospects are interested in building and deploying applications in the cloud and the tools that enable them to do this in a secure manner. This is unsurprising given the digital-shift that occurred throughout 2020 and will be a continuing trend.
• Securing open source: We discussed earlier the importance of software development speed. Utilising open source packages is essential for this. But, open source is also an easy target for hackers, and securing these components must be prioritised. SCA solutions are highly-valuable in this regard.
• Prioritising API security: APIs are still a relatively new territory for many security teams. Our customers are eager to learn more about the security pros and cons of these endpoints. APIs, containers, microservices, etc. are all common in modern software, and understanding the intricacies of these components is essential.

What is Checkmarx’s business objective for 2021? 

The same as always – we’re focused on enabling all organisations and developers to build and deploy more secure software so that they can expand, innovate, and flourish. We’ve had an immensely successful 2020, and we’ll look to continue this momentum into the New Year.

What can the regional market expect from Checkmarx in the New Year? 

As we continue to expand our global presence, we’ll have more ‘on-the-ground’ resources in the Middle East to support our customers’ and prospects’ needs. As part of this, we’re also increasing our regional partner ecosystem to extend our reach, providing each of these teams with comprehensive training, PRM, and more.

Spreading education to our customers and prospects about changes in software development and security testing – whether on-prem, in the cloud, or a mix of both – will also continue to be a priority. While we’re clearly dedicated to providing the industry’s best solution for comprehensive AST, we also pride ourselves on being informative, and trusted, resources for the broader DevOps, developer, and AppSec communities.

How are you helping your customers adapt to the new normal? 

At the end of the day, going down a path of digital transformation shouldn’t be done alone, especially with security being mission-critical. We constantly strive to be the best possible partners for our customers as they navigate the rapid evolution of software development and the diverse security challenges that crop up along the way.