PARAMUS, N.J.--(BUSINESS WIRE)--Nov 20, 2024--
With the vast majority of development teams using open source software and employing agile development, Checkmarx, the industry leader in cloud-native application security for the enterprise, has announced a new generation in software supply chain security with its Secrets Detection and Repository Health solutions to minimize application risk.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20241120723914/en/
Checkmarx software supply chain solutions are offered within the consolidated Checkmarx One enterprise application security platform. These new solutions, Repository Health and Secrets Detection , expand Checkmarx’ software supply chain security offering, joining Software Composition Analysis (SCA), Malicious Package Protection, AI Security and Container Security. Together, they secure every critical aspect of the enterprise software supply chain, equipping development and security teams to identify and mitigate risk at each stage of their software development lifecycle.
“The software supply chain is increasingly targeted by threat actors looking for new ways to breach the enterprise,” said Kobi Tzruya, Chief Product Officer at Checkmarx. “It’s complex and interdependent by nature, with a huge variety of elements and potential entry points to secure. Checkmarx is expanding the capabilities of Checkmarx One to help organizations maximize supply chain security, reduce risk, and fully secure their application development on a single platform.”
Secrets Detection
Secrets are a natural byproduct of application development. Developers often “hard code” credentials to simplify iteration during coding and testing but may forget to remove them before moving the application into production. As the enterprise increasingly moves to the world of agile development, microservices and cloud, the problem and its associated risk will only increase due to the ever-expanding number of services that will need to be collaborated on during the development phase.
Checkmarx Secrets Detection reduces risk by quickly identifying sensitive credentials that may be exposed, enabling development and security teams to quickly remove discovered secrets. Part of the Checkmarx One platform, Secrets Detection accurately identifies more than 170 different types of secrets, including API keys, certificates, exposed credential, encryption keys, tokens, private URLs and other sensitive data.
Repository Health
Checkmarx’ Repository Health helps teams maximize the security posture of their software supply chain by continuously tracking health scores for all software repositories across the application footprint. Scoring is based on more than a dozen key factors in areas such as code quality, dependency management, continuous integration/continuous delivery (CI/CD) best practices and project maintenance.
Checkmarx One introduces 13 new automated checks covering critical areas such as binary artifacts, code reviews, continuous integration packaging and best practices, enabling developers and security leaders to maintain robust repository health. These checks range from searching for binary artifacts within the code to ensuring that best practices of secure development are being followed, such as checking for the completion of code reviews or fuzzing, along with automatic continuous integration checks.
For more information about Checkmarx Secrets Detection and Repository Health, visit this page.
About Checkmarx
Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services balance the dynamic needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders. We are honored to serve more than 1,800 customers, including 40 percent of all Fortune 100 companies.
Follow Checkmarx on LinkedIn, YouTube and X.
Repository Health offers real-time visibility into the security and maintenance status of code repositories, helping teams proactively address issues and maintain secure development practices. (Graphic: Business Wire)
Secrets Detection reduces the risk of unauthorized access by identifying sensitive credentials unintentionally exposed in code. (Graphic: Business Wire)
DUBAI, United Arab Emirates (AP) — A tenuous ceasefire appeared to be holding Saturday after the United States struck two Iranian oil tankers, while the country that hosts the U.S. Navy’s regional headquarters said it arrested dozens of people it alleged were linked to Iran’s Revolutionary Guard.
Attacks Friday cast doubt on the month-old ceasefire that the United States has insisted is still in effect. Washington is awaiting an Iranian response to its latest proposal for a deal to end the war, reopen the Strait of Hormuz and roll back Tehran’s disputed nuclear program.
The U.S. military said Friday that its forces had disabled two Iranian tankers that were trying to breach an American blockade of Iran’s ports. Hours earlier, the military said it thwarted attacks on three Navy ships and struck Iranian military facilities in the strait.
Meanwhile, in the small Gulf island of Bahrain, the nation's Ministry of Interior said Saturday it had arrested 41 people it alleges are part of a group affiliated with Iran’s Revolutionary Guard. It said investigations are ongoing to take further action against anyone affiliated with the group but did not provide further details.
Bahrain is led by a Sunni Muslim monarchy but, like Iran, its population is majority Shiite. Rights groups have said that the kingdom has used the war between Iran and the U.S., which bases its Fifth Fleet in the country, as an excuse to crack down on dissent at home.
Iran has mostly blocked the critical waterway for global energy since the U.S. and Israel launched the war on Feb. 28, causing a global spike in fuel prices and rattling world markets. The U.S. has imposed its own blockade of Iran’s ports.
The U.S. military posted video of the two Iranian tankers as their smokestacks were struck by an American fighter jet on Friday. Earlier in the week, an American military jet shot out the rudder of a tanker the U.S. military said was attempting to breach its blockade.
A U.S. strike overnight killed at least one sailor and injured 10 others aboard a cargo vessel that caught fire, a news agency affiliated with Iran's judiciary reported. It was not clear if the ship was one of the two tankers the U.S. acknowledged striking.
Despite the attacks, U.S. President Donald Trump has insisted the ceasefire is holding. He also has reiterated threats to resume full-scale bombing if Iran doesn’t accept an agreement to reopen the strait and roll back its nuclear program.
On Friday, Iranian foreign ministry spokesperson Esmail Baghaei said the country was not paying attention to “deadlines” and Tehran continues reviewing a U.S. proposal related to ongoing negotiations, according to state-run IRNA.
A top Iranian official also said Friday that the country's Supreme Leader Mojtaba Khamenei was in “complete health" and that he would eventually appear in public.
The comments were made by Mazaher Hosseini, who is affiliated with the office of Iran’s former Supreme Leader, at a pro-government gathering. Hosseini said Mojtaba had suffered knee and back injuries but that they’ve largely healed and he’s now in good condition.
Khamenei hasn't been seen in public since the war began and the continued absence of verified images, audio, or video of him has fueled speculation about his status. Remarks such as Hosseini's are seen by some as attempts to counter doubts that he may no longer be alive.
Britain’s defense ministry said it was deploying a warship to the Middle East to join a potential mission to protect commercial ships in the Strait of Hormuz.
The ministry said the destroyer HMS Dragon will “pre-position” in the region, ready to join a U.K.- and French-led security plan once hostilities end. France also announced this week it was moving its aircraft carrier strike group into the Red Sea in preparation for a potential mission in the strait.
Britain and France have led planning meetings involving several dozen countries on a coalition to reestablish freedom of navigation in the strait. But they stress it won’t start until there is a sustainable ceasefire and the maritime industry is reassured ships can go through the strait safely.
Satellite images reviewed by The Associated Press show what appears to be an oil slick in the Persian Gulf emanating from the western side of Kharg Island, Iran’s main crude export terminal.
Images taken Friday show the slick covering about 71 square kilometers (27 square miles) and appear to show oil still leaking from the terminal, said Ami Daniel, CEO of maritime intelligence firm Windward AI.
Daniel estimated that the equivalent of roughly 80,000 oil barrels has spilled from Kharg Island since the slick was first detected by satellite images Tuesday. It’s unknown whether the spill was caused by a malfunction, an airstrike or something else.
He said the spill appears to be spreading southwest and within the next two weeks could potentially reach the shores of the UAE, Qatar or Saudi Arabia.
The Pentagon declined to comment on whether the U.S. military was tracking the spill or whether there had been recent strikes on the Iranian island. Based on the imagery taken earlier this week, the spill occurred before the most recent round of U.S. strikes.
As tensions escalate there's been a flurry of diplomacy across the globe.
Russia’s foreign ministry said Saturday that it, as well as Saudi Arabia, is calling for continued diplomatic efforts to reach a “sustainable, long-term agreement” to end the war, according to Russia's foreign ministry.
Egyptian and Qatari top diplomats have also have reiterated that diplomacy is the sole path to finding a solution, according to a readout of a Saturday phone call between Egyptian Foreign Minister Badr Abdelatty and his Qatari counterpart Sheikh Mohammed bin Abdulrahman Al Thani.
Pakistani Prime Minister Shehbaz Sharif said his country has been in contact with the U.S. and Iran “day and night” in an effort to extend the ceasefire and reach a peace deal.
——
Magdy reported from Cairo, Egypt. Associated Press reporter Jill Lawless contributed from London.
Cargo ships, including bulk carriers and general cargo vessels, sit at anchor offshore as a small motorboat passes in the foreground, in the Strait of Hormuz off Bandar Abbas, Iran, Monday, May 4 , 2026.(Amirhosein Khorgooi/ISNA via AP)
Two men sit in a small boat on the water as cargo ships are anchored in the background in the Strait of Hormuz off Bandar Abbas, Iran, Monday, May 4, 2026. (Amirhosein Khorgooi/ISNA via AP)
