Archipelo and Checkmarx Unveil Strategic Partnership for Enhanced AppSec Detection and DevSPM Integration
New Partnership Enhances Application Security with Development-Origin Context
A recent collaboration between Archipelo and Checkmarx aims to bridge the gap between application vulnerability detection and development-origin context. This partnership seeks to provide a more comprehensive understanding of software risk by correlating vulnerability findings with development signals.
Limitations of Traditional Application Security Platforms
Traditional application security platforms excel at identifying and prioritizing vulnerabilities across repositories and pipelines. However, they often lack insight into how a vulnerability entered the codebase or what development conditions contributed to its introduction. This limitation can hinder investigation and remediation efforts, particularly in modern software development workflows that involve human developers and AI-assisted coding tools.
Integration of Archipelo and Checkmarx Technologies
To address this challenge, Archipelo and Checkmarx have joined forces to integrate their respective technologies. Archipelo’s Developer Security Posture Management (DevSPM) platform focuses on observable developer actions during software creation, providing valuable context about developer identity, workflow metadata, and code provenance. Checkmarx, on the other hand, offers application security testing and Application Security Posture Management (ASPM) for identifying and managing software risk across development pipelines.
“Understanding how a vulnerability entered the system is just as important as detecting the vulnerability itself,” said Matthew Wise, CEO of Archipelo. “By connecting development context with vulnerability findings, we provide a more complete picture of software risk and enable organizations to prioritize remediation efforts more effectively.”
Ori Bendet, VP of Product Management at Checkmarx, added, “Organizations need more than just vulnerability detection; they need context to act quickly and confidently. Our partnership with Archipelo provides the necessary context to understand how risk enters the software lifecycle, allowing security teams to prioritize remediation based on operational evidence.”
Upcoming Presentation and Partnership Benefits
The two companies will showcase their joint approach in an upcoming presentation, highlighting the benefits of integrating development-origin context with application security testing and ASPM. By providing a more comprehensive understanding of software risk, this partnership aims to enhance the overall security posture of modern software development workflows.
About Author
English