🗂️ Navigation
📁 Infrastructure as Code
📋 IaC Compliance
🔧 Checkmarx One

Checkmarx One

The enterprise application security platform.

Visit Website →

Overview

Checkmarx One is an enterprise application security platform that provides a comprehensive solution for securing the entire software development lifecycle. It includes a wide range of capabilities, including Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Infrastructure as Code (IaC) scanning, which is powered by the open-source tool KICS.

✨ Key Features

  • IaC scanning with KICS
  • Static Application Security Testing (SAST)
  • Software Composition Analysis (SCA)
  • API security
  • Container security
  • Developer security education

🎯 Key Differentiators

  • Comprehensive application security platform
  • Strong SAST and SCA capabilities
  • IaC scanning powered by the open-source KICS engine

Unique Value: Provides a single, unified platform for securing the entire software supply chain, from code to cloud.

🎯 Use Cases (3)

Comprehensive application security testing Securing the entire software supply chain IaC security and compliance

✅ Best For

  • Using Checkmarx One to get a unified view of application security risks, from code to cloud.

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Organizations that only need a standalone IaC scanner.

🏆 Alternatives

Veracode Snyk Fortify

Offers a more comprehensive and integrated set of application security testing capabilities compared to point solutions, providing a holistic view of application risk.

💻 Platforms

Web API

🔌 Integrations

All major IDEs, CI/CD tools, and source control repositories

🛟 Support Options

  • ✓ Email Support
  • ✓ Live Chat
  • ✓ Phone Support
  • ✓ Dedicated Support (Custom tier)

🔒 Compliance & Security

✓ SOC 2 ✓ HIPAA ✓ BAA Available ✓ GDPR ✓ ISO 27001 ✓ SSO ✓ SOC 2 Type II ✓ ISO 27001 ✓ PCI DSS ✓ HIPAA ✓ GDPR

💰 Pricing

Contact for pricing

✓ 14-day free trial

Free tier: NA

Visit Checkmarx One Website →

🔄 Similar Tools in IaC Compliance

Snyk IaC

Find and fix security issues in your Terraform, CloudFormation, Kubernetes, and ARM configurations....

Contact

Checkov

An open-source static analysis tool for scanning infrastructure as code (IaC) files for misconfigura...

Contact

Terrascan

An open-source static code analyzer for Infrastructure as Code....

Contact

KICS by Checkmarx

An open-source solution for static analysis of IaC....

Contact

tfsec

A static analysis security scanner for Terraform code....

Contact

Open Policy Agent

An open-source, general-purpose policy engine....

Contact