IT Brief US - Technology news for CIOs & IT decision-makers

Checkmarx named leader in Forrester Wave for SAST & AI tools

Today

Checkmarx has been named a Leader in the latest Forrester Wave assessment of Static Application Security Testing.

The analysis by Forrester evaluated ten significant suppliers in the SAST market, rating their offerings, strategic direction, and customer feedback. Checkmarx received the highest rating among all evaluated vendors in the Current Offering category.

Checkmarx achieved the maximum score of 5 out of 5 in eight key criteria established by Forrester. These criteria cover several aspects such as risk prioritisation, language and framework support, modern application development, policy management, application portfolio risk management, AI-powered tools in the software development lifecycle, product roadmap, and supporting services and offerings.

Forrester's report highlighted the company's focus on artificial intelligence. As stated by Forrester, "Checkmarx stands out for its investment in AI."

The evaluation further notes that, "Checkmarx's vision is to secure modern applications. To help customers develop AI with guardrails and executive visibility, Checkmarx is developing a suite of AI agents for code creation, policies, and insights. In addition, its SAST roadmap includes support for AI programming languages and frameworks, integration with AI code generators, and LLM security."

Last month, Checkmarx introduced the first agent from this AI suite, called Checkmarx One Developer Assist. Now generally available, this tool integrates directly with major Integrated Development Environments (IDEs), aiming to provide developers with quicker and more accurate threat notifications alongside step-by-step remediation guidance. According to early feedback from users with initial access, the tool has delivered measurable improvements in both speed and precision when dealing with security vulnerabilities.

The Forrester report noted, "Checkmarx is ideal for enterprises leveraging existing and emerging technologies in their application development."

Technical development

Checkmarx continues to build on its SAST capabilities within the Checkmarx One platform. This platform provides comprehensive code analysis, scalability tailored to enterprise demands, and integration with various stages of the software development cycle. According to the company, these efforts are part of ongoing improvements targeting speed, accuracy, and enhancement of the developer experience.

Jonathan Rende, Chief Product Officer at Checkmarx, commented, "At Checkmarx, we see being recognized as the clear Leader in the Forrester Wave for SAST and the highest rated vendor in the current offering category as clear validation of our customer focus and innovation. In our view, Forrester's recognition of our AI investments and roadmap underscores the value we're delivering today and our belief that enterprises must prepare now to secure the future of AI-driven development."

Market adoption

The Checkmarx One platform, first released in December 2021, has seen broad use, with the company reporting that over 800 billion lines of code are scanned monthly. The user base encompasses more than 850 enterprise customers and tens of thousands of developers, who rely on the platform to enhance their organisations' software security practices.

Checkmarx's current direction includes further development of its AI toolset, enhanced support for new programming languages, and deeper integration across the development workflow. These steps are intended to address current market needs for speed, accuracy, and usability in code security analysis and remediation.

Industry context

Forrester regularly performs market assessments such as The Forrester Wave: Static Application Security Testing Solutions, with a focus on objectivity and impartial evaluation. As per Forrester's standing policy, it does not endorse any company, product, or service featured in its research publications. The assessments and ratings supplied are reflective of Forrester's professional judgment at the time and may be revised to reflect market changes or new data.
